Shadow Brokers hackers have published a new batch of Equation Group data

    The Shadow Brokers hackers gained worldwide fame after releasing classified data belonging to the elite cyber group Equation Group, which used sophisticated, well-developed cyber weapons in its attacks. The eqgrp-free-file archive that the hackers published previously contained several 0day exploits for Cisco and Fortinet network devices. This time, the hackers have posted an open archive containing metadata about the cyber attacks carried out by the group. In particular, it shows the IP addresses and domains from which the attacks originated, as well as their dates.

    This is being equation group pitchimpair (redirector) keys, many missions into your networks is / was coming from these ip addresses . Is being unfortunate no peoples is already owning eqgrp_auction_file. Auction file is having tools for to making connect to these pitchimpairs.

    The encrypted archive, called trickortreat.tar.xz.gpg, contains a set of directories with information about the domains and IP addresses that the Equation Group used in cyber attacks on its victims. The screenshot below shows some of the directories in the archive. It can be seen that the servers are located around the world.



    Matt Swann of Microsoft Security has published a visual representation of the Equation Group server information as an Excel document.



    As the data shows, the archive contains information about cyber attacks that were carried out from 2000 to 2010. It also shows that most of the alleged victims of the Equation Group were running Solaris, with some running Linux and FreeBSD. The cyber attack servers were located in many countries, including Japan, Korea, Belgium, India, Hungary, Russia, Mexico, Spain, Poland, Germany, China, etc. Thus, it is obvious that the group used different servers for each cyber attack, both to mask its infrastructure and to make it harder to detect the real origin of an attack.
