Leaked ShadowBrokers Tools Do Not Target F5 Networks

As has been reported, a previously unknown "ShadowBrokers" actor mysteriously released a portion of hacking tools claimed to be related to a state sponsored "Equation Group", and will be auctioning off the rest. The leaked files included 0-day exploits and "implants" (backdoors to control the device after it has been compromised) for various firewalls such as Cisco ASA, Cisco PIX, Juniper NetScreen, TOPSEC and WatchGuard.

F5 researchers have analyzed the publically available files and have not found any evidence that F5 products are affected by any of those exploits.

The "BANANAGLEE" implant for Cisco and Juniper does have a "maclist" file which mentions all the MAC address vendors, including "F5 Networks", but it is not used in a way that relates to F5 products.

F5 will keep monitoring further potential leaks by "ShadowBrokers" to assess whether there are any risk for F5 customers.

Published Aug 24, 2016
Version 1.0

Was this article helpful?

No CommentsBe the first to comment