NSA logo
The NSA tools leaked show how the agency has allegedly used spyware and malware to track servers of renowned companies and institutions Getty Images

The Shadow Brokers, the infamous hacking group that declared its retirement from the circuit, is back with yet another dump of NSA hacking tools and this time it has something to do with US President Donald Trump.

The hacking group that first appeared in the summer of 2016 exposing some of NSA's most guarded hacking tools said it is disappointed with Trump and his policies as he is not standing up to be the president they hoped. They accused the 70-year-old of turning his back on people who voted for him.

In a blog post detailing their reason in a not so articulate manner, the group said, " Dear President Trump -- Respectfully, what the f**k are you doing? TheShadowBrokers voted for you. TheShadowBrokers supports you. TheShadowBrokers is losing faith in you.... It is appearing you are abandoning 'your base', 'the movement', and the people who got you elected."

The latest cache of documents is still being analysed by security researchers in detail, but some of the revelations made in the dump include the following:

  • A list of servers that NSA allegedly hacked into and even may have launched malware attacks on
  • New set of tools used to hack into servers like PITCHIMPAIR
  • Password for an encrypted file containing many of the Equation Group surveillance tools dumped in 2016
  • A framework called TOAST that is used to clean server logs and clear the NSA's tracks

Some of the exploits date back to the 1990s and most of them focus on Linux based systems. The dump is the first since the hacking group announced their retirement in January after releasing a trove of active Microsoft Windows software exploits in January.

Commenting on the latest stash, former NSA contractor Edward Snowden tweeted saying the leak is "nowhere near" representing the NSA's complete tool set, but there is enough proof for the NSA to identify where the leak took place from.

The latest leak follows WikiLeaks #Vault7 series dump which contained documents from the CIA's Grasshopper framework, a platform used to build customised malware for Microsoft Windows operating systems.