Latest NSA Leak Discovered at least three Pakistani ISPs and four Indian ISPs were effected by NSA surveillance program. Recent Monday’s dump contains nearly 350+ IP Addresses and 300+ domains that completely backdoor by NSA. That leak includes 9 .gov domains and 32 .edu domains.

There were 49 targeted countries, with top India, Pakistan, Germany, Russia, Korea, China and Japan.

According to flashpoint-intel.com.

The servers were likely designed for Computer Network Exploitation (CNE) related to a Computer Network Operations (CNO) covert reconnaissance operation, perhaps performed by the NSA sometime between 2000 and 2010. If the last eight digits implicate the date of the exploit stage server usage, then the earliest one can be traced back to Intonation’s exploit server on August 22, 2000, while the latest stage server is traceable to Pitchimpair’s server on July 22, 2010.

Further analysis reveals that these exploits were mainly staged at “Sun Solaris” Linux servers.

Image 1: The Shadow Brokers leaked two folders, “intonation” and “pitchimpair,” containing apparent covert operation names such as “Incision,” “Orangutan,” and “Reticulum.”
Image 1: The Shadow Brokers leaked two folders, “intonation” and “pitchimpair,” containing apparent covert operation names such as “Incision,” “Orangutan,” and “Reticulum.”
Image 2: The content of the leaked files reveals various mail configuration setup export configurations, including IPs.
Image 2: The content of the leaked files reveals various mail configuration setup export configurations, including IPs.

It is unclear how deep these hacks had penetrated back then but source confirms that NSA had backdoor access to various computers on these networks.