Iranian Cyberespionage Tools Leaked Online

The source code of a set of Iranian cyberespionage tools was leaked online.

Posted on April 19, 2019 at 8:12 AM • 14 Comments

Comments

Ross Snider • April 19, 2019 12:54 PM

This is fascinating. First US tools, now Iranian.

While in the short run these are painful for espionage agencies and the governments utilizing them, ultimately in the long run I think these leaks are important to the transparency we all need to understand the security of the world we live in and the relationship we as citizens have with those who govern.

And now to dive deep and see if there's any juicy cyberweapons. :)

Ross Snider • April 19, 2019 12:56 PM

Forgot to note: speculation at this time, but this could be another spy agency doxxing another spy agency. If that's the norm, I welcome it for the reasons in the above comment, even if it's also mixed with other geopolitical objectives.

The Pull • April 19, 2019 1:29 PM

@Snider

Your second statement holds true with the NSA toolkit leak, as well.

Problem is, their motives very likely would not be the motives you may think they are. Could the Iranian tools leakers be the same as the NSA tools leakers? That certainly is a very far-fetched possibility. But, it is hard to explain the motives of the leakers beyond coincidence.

It certainly does not appear American, because of the NSA leak. Unless the NSA leak did not really give away anything.

It is hard to say what might be going on in "deep state" USA. Or, deep state, in any other nation. What sort of spy wars might be happening far under the metaphorical sea of intelligence?

Could be some rogue organization of significant capacity born and funded through who knows what means.

The Pull

The Pull • April 19, 2019 2:22 PM

@ mod

Feel free to email my given email, and I can prove this is me. I did not come out as Laird Brown did. But, simply providing my LinkedIn should be sufficient evidence. As the evidence is there.

I would think what we did in Hacktivismo was a goal you would be aligned with. Likewise, I still work towards those goals -- and always have.


@Snider

BTW, what I posted was not to occlude matters. There really is stuff which is big that does not hit the media. We can assume Russia was behind the Shadowbrokers, and can assume then, they are behind this latest attack/release of tools. They are very heavy in oil & gas and hack us down in Texas quite a bit in that arena.

Why they would help us secure these systems, I cannot fathom.

Or, maybe NSA/CIA/ABC whomever is behind it.

The latter is doubtful.

cura scurry • April 19, 2019 3:15 PM

So that the context of this 2019 April 4th web article DE-ESCALATES properly (peacefully):

Please study the following weblink's linked human-readable content. Please study it last entry to first entry if you please; it's decent in text form.

oathkeepers.org / declaration-of-orders-we-will-not-obey /

I hope your (plural) filter bubble(s) and my filter bubble (singular) still present the same data which seems to me to be still quite normal and decent and proper and appropriate and peacefully pragmatic.

Thanks.

Dennis • April 20, 2019 7:57 AM

@The Pull, "BTW, what I posted was not to occlude matters. There really is stuff which is big that does not hit the media. We can assume Russia was behind the Shadowbrokers, and can assume then, they are behind this latest attack/release of tools."

I just can't understand this line of thinking when he/they were so apparently caught.

The Pull • April 20, 2019 12:24 PM

@Dennis

https://en.wikipedia.org/wiki/The_Shadow_Brokers#Speculations_and_theories_on_motive_and_identity

Whatever the case, Lulzsec was caught too, right? Only a "Japanese" member of the group with better skills than anyone there got away. Same Lulzsec who was hacking foreign embassies, which are hot spots for undercover spies. This was done while the ringleader was working for the FBI.

This story did leak, but besides Vice, and another smaller news agency, nobody took it up or investigated further.

All these sorts of stories rely on investigators - in these cases counter-intelligence investigators - to give a full & truthful story to the news.

But, they have no moral nor legal responsibility to do so.

Because these are counter-intelligence issues more than mere law enforcement.

Dennis • April 21, 2019 4:28 AM

@The Pull wrote, "But, they have no moral nor legal responsibility to do so."

Thus, the real "truth" never gets out unless there's intended consequence in doing so. Going a step further, unless anything is witnessed first hand, one can never be sure of its authenticity. With this line of thinking, it is easy to see that TSB was/were caught and reasonably stopped. The whole thing may not be as complicated as some folks had pictured. It is certain we will never know what really happened and what happened has very little meddle in our daily affairs going forward.

The Pull • April 21, 2019 12:17 PM

@Dennis

Counter-intelligence, and intelligence, do not have a license to kill, but they do have a license to lie. They have a moral and ethical reason to do so. Sometimes, of course, they may lie for bad reasons. And not everyone who works for their respective government is a good person, even though their job is one of service to many people.

Back in the day, when I was doing hacktivismo, and full disclosure vulnerability work in my 'day job'... I had to dabble in counter-intelligence because China thought Hacktivismo and the company I worked at was US Gov.

So, I ended up having to work with intel for a number of years... my read, from that angle of matters, is the Shadowbrokers were Russian intelligence.

Agree to disagree if you wish... but just saying how it looks from my perspective. Their propaganda was very "russia" stamped on it.

Cat’s out of the bag • April 21, 2019 6:47 PM

Study the code. Learn to defend against it. Too many whining Rottweiler pups begging for a handout behind the German bar.

The Pull • April 21, 2019 9:05 PM

@cat's out of the bag

Hey, I appreciate my brothers & sisters of Russia, my own self. The Directorate S ones, that is. No other nation goes as far - that any knows about - in regards to professionalism and commitment.

But, does not mean people should be unaware of their hard work. It is smart, but hard work goes behind their smart efforts.

From this angle, the Shadowbrokers, like the Lulzsec project, were masterpieces.

This set of tools has been deemed 'not as good' as what NSA loot gave. But, at least Persia is trying.


The Pull


Sidebar photo of Bruce Schneier by Joe MacInnis.