Andy Greenberg reports:
When the still-unidentified group calling itself the Shadow Brokers spilled a collection of NSA tools onto the internet in a series of leaks starting in 2016, they offered a rare glimpse into the internal operations of the the world’s most advanced and stealthy hackers. But those leaks haven’t just let the outside world see into the NSA’s secret capabilities. They might also let us see the rest of the world’s hackers through the NSA’s eyes.
Over the last year, Hungarian security researcher Boldizsár Bencsáth has remained fixated by one of the less-examined tools revealed in that disemboweling of America’s elite hacking agency: A piece of NSA software, called “Territorial Dispute,” appears to have been designed to detect the malware of other nation-state hacker groups on a target computer that the NSA had penetrated. Bencsáth believes that specialized antivirus tool was intended not to remove other spies’ malware from the victim machine, but to warn the NSA’s hackers of an adversary’s presence, giving them a chance to pull back rather than potentially reveal their tricks to an enemy.
Read more on Wired.