HOMETHREATSThe Shadow Brokers
APT / THREAT GROUP

The Shadow Brokers

5
aliases
Last seen:Mar 17, 2026

Intelligence Profile

The Shadow Brokers (TSB) is a hacker group who first appeared in the summer of 2016. They published several leaks containing hacking tools from the National Security Agency (NSA, including several zero-day exploits.[1] Specifically, these exploits and vulnerabilities targeted enterprise firewalls, antivirus software, and Microsoft products. The Shadow Brokers originally attributed the leaks to the Equation Group threat actor, who have been tied to the NSA's Tailored Access Operations unit.

Threat Analysis

The Shadow Brokers is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases5
SourceMalpedia

Also Known As

The ShadowBrokersShadow BrokersTSBShadowBrokersThe Shadow Brokers

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.