|Multi Request||FBI Metasploit release of EternalBlue|
|Submitted||Feb. 4, 2020|
MuckRock users can file, duplicate, track, and share public records requests like this one. Learn more.
To Whom It May Concern:
Pursuant to the Freedom of Information Act, I hereby request the following records:
Any records related to Metasploit including the ETERNALBLUE, EmeraldThread, EternalChampion, EskimoRoll, EternalRomance, EducatedScholar, EternalSynergy, EclipsedWing computer vulnerability exploitation code into the Metasploit framework, developed by Rapid7. This could for example be damage assessments that are being shared with any other government agencies, or received by such agencies. As well as any investigations that could have stemmed into the inclusion of such cyber attack tools into an open source and freely distributive and completely free tool like Metasploit.
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.
EternalBlue is a cyberattack exploit developed by the U.S. National Security Agency. It was leaked by the Shadow Brokers hacker group on April 14, 2017, one month after Microsoft released patches for the vulnerability. On May 12, 2017, the worldwide WannaCry ransomware used this exploit to attack unpatched computers.
EmeraldThread, EternalChampion, EskimoRoll, EternalRomance, EducatedScholar, EternalSynergy, EclipsedWing are all cyber attacks tool developed by the U.S National Security Agency. It was leaked by the Shadow Brokers hackers group in 2017.
The requested documents will be made available to the general public, and this request is not being made for commercial purposes.
In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM if not.
Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 20 business days, as the statute requires.
Jurre van Bergen
There are eFOIA files available for you to download.
I'm appealing my freedom of information request on grounds of the integrity of the search in its entirety.
It' been widely reported the FBI worked with "decloaking" or NITS attacks to target people in investigations, mentioning there isn't any material at all related to Metasploit would be very strange.
The Office of Information Policy has received your FOIA Appeal. Please see the attached acknowledgment letter.
The Office of Information Policy has made its final determination on your FOIA Appeal Number A-2020-01229 . A copy of this determination is enclosed for your review, along with any enclosures, if applicable. Thank you.