Hacking group offers subscription for NSA code

The WannaCry attack that took place over the weekend didn't involve any zero-day exploits - Microsoft had patched the SMB exploit used by EternalBlue in March, and the WannaCry ransomware was known to many antivirus vendors.

While the EternalBlue exploit did not affect Windows 10, the group said "newer exploits for Windows 10" could be provided, as well as "compromised network data" from worldwide financial systems and foreign nuclear and missile programmes.

In the blog post, Shadow Brokers mention that they're taking a stern approach towards fighting the cybersecurity practices across the globe - and they think leaking sensitive data is the best option to do so. "More details in June", it promised.

The group goes on to claim that it has spies inside Microsoft among other United States technology companies and says it plans to sell off new exploits every month from June onwards.

As if dealing with the continuing drama of the WannaCry global ransomware attack was not enough, the original group behind the leak of the US National Security Agency (NSA's), hacking tools has announced it is going to release more tools that could be exploited in the near future.

The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that spread the WannaCry ransomware through the NHS and across the world, says it has a new suite of tools and vulnerabilities in newer software. TheShadowBrokers is launching new monthly subscription model.

"It's being like wine of month club", said the blog post, which is written in broken English.

The move highlights the growing commercial sophistication of groups such as Shadow Brokers, which has already demonstrated a fearsome technical ability to compromise the world's top intelligence agencies. Each month peoples can be paying membership fee, then getting members only data dump each month.

A spokeswoman for Microsoft said it was preparing a response.

As a final offer, the Shadow Brokers have said that if someone buys the entire horde of data, they will "go dark permanently", having no financial incentive to continue.

That attempt was also doomed, and after failing to secure buyers for the remainder of the tools they teased, the group dumped online the August 2016 password-protected archive last month in April.

Any U.S. government organizations are unlikely to negotiate with the hackers, Dillon says. "Heck, at this point, Shadow Brokers doesn't even need to have this exploit (though I'm guessing the NSA and Microsoft both may be erring on the side of caution at this point)", she wrote on her site. However, as researcher Marcy Wheeler points out, simply threatening these leaks can strain relationships between Microsoft and the USA government, which may be the real aim.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.