Hacker News new | past | comments | ask | show | jobs | submit login

Who is doing this knowing fully well that GHCQ , FBI and possibly even the NSA are hard at work trying to get them ?

These people are going down . No doubt about it.




This is what happens when spambot skiddies accidentally acquire a treasure-trove of NSA tools via a C2 server they have pwned. They failed to sell ('broker') them as nobody was stupid enough to touch them, they failed to blackmail with them (omg what a bad move), then they failed to weaponise their own gear with them (wcry 1.0 in February), and even though wcry 2.0 is widespread and very disruptive, really they failed again only making 50k out of how many infections? They have only 3 bitcoin addresses making it obvious nobody is getting decrypted (how do they know who has paid?) or there is a single master key which will be found soon, their sandbox detector is a killswitch. Larry, Moh and Curly have invited a world of pain upon themselves - as well as probably killing people on NHS - they also infected Moscow Police - so FSB too.

Definitely, would not like to be them.


A bunch of articles, even Snowden, argued that it's very likely that the NSA tools were stolen by the Russians.

https://twitter.com/Snowden/status/765514891813945344


And given the indications about how hard various Russian infrastructure was hit, that would be ironic.

Of course, if you were a nation state and you wanted to attack an adversary but you knew that if you did you would get blowback, you might "lose" some tools that you knew some script kiddies would be able to weaponize.

Interesting times indeed.


It's very likely the attackers themselves are surprised by the magnitude of this.

The sweet spot for an attack is welll below the level where you wake up national LE, especially in such a public way.

Remember when LulzSec was hacking everything in sight with daily press coverage. If I remember correctly all but one were arrested in under 1 year.


I think you vastly overstate this. While I can't speak to GHCQ, I really don't think NSA has a charter to pursue justice. The FBI may be, but I'm just not convinced they will move quick enough to matter (they do move, but only against a large established organization).


I'd be surprised if the NSA were just sitting back watching their code fly around the internet.


Just from my limited experience of "being alive in the USA for 30-something odd years".. I don't think anyone is hard at work trying to get anyone. If you actually ever get the attention of the NSA/CIA - you don't get "caught" or ever make it to the news(except in gaffe's like snowden/assange, we weren't supposed to find out about them). They want us to forget about you, while you either rot in a dungeon(forever) or are already buried in a shallow unmarked grave.

The reason is there is no good press to be gotten by announcing they caught these people...all that does is draw attention to the fact they were breached/bamboozled/whatever in the first place. In their eyes, this story and any public interest cannot die quickly enough.


Disagree: they will hang the idiots responsible for WCry high and publicly, just to make an example pour encourager les autres.

Seriously, this cat's already out of the ba. There's nothing to be gained by trying to bury it, and making the consequences clear might reduce the likelihood of a repeat.


Unless it was the FSB. Then its 'aw shucks the russian hackers did it again'.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: