The teaser data dump appears to contain legitimate attack code, some experts say.
The United States government can’t seem to catch a break in cyberspace.
Hackers claim to have stolen attack code from a team of sophisticated cyber spies known as “the Equation Group,” widely believed to be associated with the U.S. National Security Agency, one of the world’s top intelligence outfits. The hackers have offered to sell their purloined exploits to the highest bidder in an online auction conducted in the cryptocurrency Bitcoin.
Although the alleged breach could just be an extravagant hoax, experts who reviewed a preliminary data dump teased alongside the hackers’ garbled sales pitch said that the files, amazingly, looked authentic. “This appears to be legitimate code,” Matt Suiche, a French cybersecurity entrepreneur, wrote in a Medium blog post, echoing what others had posted on Twitter TWTR -2.54% .
Get Data Sheet, Fortune’s technology newsletter.
“We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see,” the hackers wrote Saturday on the code-sharing site Github, as well as on Yahoo-owned Tumblr YHOO -0.94% (both later taken down). “This is good proof no? You enjoy!!!”
The lifted goods include exploits allegedly designed to target firewalls and equipment produced by Cisco CSCO -0.11% , Juniper Networks JNPR -1.08% , Fortinet FTNT 3.22% , and Topsec, a Chinese firm. The latest file modifications appear to date back to 2013, and names are consistent with NSA programs leaked by whistleblower Edward Snowden that year, such as “BANANAGLEE,” “EPICBANANA,” and “JETPLOW.”