US spied on Pakistan through hacking tools
ISLAMABAD: The Intercept on Saturday published new Snowden documents that reveal an official connection between National Security Agency (NSA) cyber-weapons and the malware dumped by The Shadow Brokers.
The documents are internal NSA operations manuals that describe how CNE (Computer Network Exploitation) tools must be used, world media reported.
The document, which The Intercept received from Snowden a few years back but never published, describes a hacking system called BADDECISION.
Leaked exploit was part of a bigger hacking system
The BADDECISION system is made up of the FOXACID server, the SECONDDATE exploit, and the BLINDDATE field operations software, among other things.
The SECONDDATE exploit is a tool that works at the network level by intercepting web requests and redirecting them to the FOXACID server, where the user is infected with the desired malware.
According to procedures described in the operations manual, NSA employees must use IDs to tag victims sent to the FOXACID server via different exploits.
The document reveals that SECONDDATE's ID is ace02468bdf13579.
This very same ID was found in 14 different files among those named SECONDDATE in the Shadow Brokers leak.
The NSA used exploit in Pakistan and Lebanon
Furthermore, other documents revealed that the NSA used a system called BLINDDATE to automate SECONDDATE attacks on Wi-Fi networks in the field.
BLINDDATE is a hardware system running custom software that can launch MitM (man-in-the-middle) attacks leveraging SECONDDATE, HAPPY HOUR, NITESTAND, and others.
The equipment is used in the field, within range of an enemy's wireless network. BLINDDATE is a laptop with a giant antenna, which can also be mounted on drones, and can redirect a Wi-Fi network's web traffic to the NSA FOXACID server.
According to Snowden documents leaked in 2013, BLINDDATE was used to spy on Pakistan's National Telecommunications Corporation’s VIP Division and on Lebanon's major ISPs.
These campaigns provided the NSA with information on Pakistan’s Green Line communications network, Pakistan's civilian and military leadership, and on Hizballah's Unit 1800 activities.
Before The Intercept linked the Shadow Brokers leak with actual NSA cyber-weapons, Kaspersky researchers tied the malware in the group's data dump to tools used by the Equation Group cyber-espionage APT, believed to be linked to the NSA.