Spy agencies like the NSA hack various targets on a regular basis, and they’ve probably been doing it ever since the world got online. However, these secret operations have often made the news in recent years, especially following the Snowden leaks that revealed the mass spying operations and sophisticated digital tools that the NSA and its partners used to collect data in bulk.
A new leak now reveals a list of web addresses that were compromised by the NSA over a period of ten years. Those addresses may have been used and could be still used, for certain spying operations. So if your organization has ever come in contact with these sites, then you may have been a target as well.
Going by the name of Shadow Brokers, the hacker collective published a list of web addresses that were used to initiate attacks. “Many missions is/was coming from these IP addresses,” the post notes.
According to Ars Technica, the list leaked on Monday includes 352 distinct IP addresses and 306 domain names that were hacked by the NSA at some point between August 22, 2000, and August 18, 2010.
The addresses include 32 .edu domains, nine .gov domains, and targets are located in 49 countries.
“If this data is believed then it may contain a list of computers which were targeted during this time period,” Hacker House told Ars. “A brief Shodan scan of these hosts indicate that some of the affected hosts are still active and running the identified software. These hosts may still contain forensic artifacts of the Equation Group APT group and should be subject to incident response handling procedures.”
Equation Group is the unofficial name given to an elite NSA team of hackers by Kaspersky Lab researchers. Equation Group operated largely undetected for more than 14 years until Kaspersky brought the group to light. That’s not an official name for the suspected NSA hackers organization.
Head on to the source link to learn more details about this new Shadow Brokers’ leak.