New documents from the Edward Snowden leaks provide more evidence that stolen source code from a group believed to be tied to the National Security Agency (NSA) is authentic.
More than three years after the Snowden leaks began, The Intercept on Friday released new documents that tie documents hackers recently put up for auction directly to the NSA.
{mosads}On Monday, a group calling itself the Shadow Brokers announced it was auctioning off code stolen from the Equation Group, a group believed to be — but not proven to be — an NSA hacking operation. They released a sample in advance to prove authenticity.
The Intercept and Matt Suiche, founder of United Arab Emirates-based cybersecurity start-up Comae Technologies and a leading analyst of the Shadow Brokers’ code, have tied that code to an NSA hacking program mentioned in the Snowden leaks.
Snowden documents specifically mention a 16 character tracking code used in certain hacking operations, “ace02468bdf13579.” That code was also found within the sample files. The odds of a two random, 16-digit strings of lowercase letters and numbers being identical are very slim.
That string was found within the Shadow Brokers code in a section labeled “SECONDDATE” — the same name given in the NSA documents.
The Snowden leaks describe SECONDDATE as a program designed to reroute web traffic to NSA servers that have been used against targets in Pakistan and Lebanon.