A group that calls itself the Shadow Brokers posted a cache of files online over the weekend along with an invitation: "Equation Group Cyber Weapons Auction."
"Equation Group" is a name used in cyber security circles for the National Security Agency. By Monday morning, researchers were trying to figure out whether the files came from the Fort Meade-based agency. That is, whether the Shadow Brokers had succeeded in hacking the NSA's hackers — and were now offering the agency's cyber weapons to the highest bidder.
If the files do prove to be from the NSA, it would show that hackers can penetrate even some of the nation's most closely guarded material. The files, if authentic, would provide researchers an unprecedented look at the technical tools the agency uses to gather intelligence around the world.
But with so much of the agency's internal workings revealed in documents leaked by former NSA contractor Edward Snowden, the possibility remains that the apparent leak is merely an elaborate but plasuible-seeming hoax.
In their online postings, the Shadow Brokers said the files released over the weekend are just a taste of what they have obtained. They said they would release more if the bidding reached some $565 million in the digital currency bitcoin.
The group also railed against the power of what it describes as "wealthy elites."
"We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control," they said in one post. "Let us spell out for Elites. Your wealth and control depends on electronic data."
Matt Suiche, the founder of United Arab Emirates-based security start up Comae Technologies, said that on an initial review "the files look legitimate."
"Basically Shadow Brokers say that they hacked the NSA and that they have more files against them," he said.
The name Equation Group was first used by the computer security firm Kaspersky last year to label a sophisticated hacking operation it described in a report it published. The firm stopped short of saying outright that the group had ties to the NSA, but the name has become shorthand for the agency.
Other researchers were reluctant to draw firm conclusions about the files on Monday. But many were swapping observations on Twitter and reporting details they found in the code.
The National Security Agency did not respond to a request for comment.