"ShadowBrokers" threatens to release more cyber attack tools

Posted May 18, 2017

The group is responsible for the release of the National Security Agency's (NSA) hacking exploits which highlighted a Windows vulnerability used by hackers in the recent WannaCry global ransomware attack.

To bring you up to speed, this hacking group was the first to publicly reveal information of the WannaCry ransomware malware, but it looks like they have another agenda in mind as far as releasing 0-day bugs and exploits go.

Now the shadowy group has announced that they plan to sell more exploits to anyone willing to pay, on a monthly basis, starting next month in June.

The Shadow Brokers mentioned that the leaked data could contain web browser, router, handset exploits and tools, newer Ops Disks and exploits for Windows 10, compromised network data from Central banks and compromised network data from Russian, Chinese, Iranian, or North Korean nuclear and missile programs.

Sean Dillon, a senior security analyst at RiskSense, said the group has proven they possess highly effective tools so people, particularly criminals, are very willing to pay for what them.

In the wake of the massive global WannaCry ransomware attacks, worldwide governments and software vendors have begun playing the blame game.

British media outlets said a group of hackers who claim to have carried out the cyberattacks say they have information regarding North Korea's nuclear and missile programs.

The spy agency reportedly knew about the theft of its cyberweapons arsenal, which was later allegedly leaked by the Shadow Brokers hacker group. If Shadow Brokers have access to this data set then the sale of such high-profile data could put not only the of the government but the netizen also at risk.

"Is being like wine of month club", they wrote in broken English.

"TheShadowBrokers Data Dump of the Month" is a new monthly subscription model, the group said. The group teased more details would come out next month.

Most of the vulnerabilities targeted by the leaked exploits had already been patched by that time, including EternalBlue, which Microsoft fixed in March.

Dillon believes that once somebody gets data dump from the hackers, the exploits would likely become public.

The leaked WannaCry software also cause some tension between the USA government and Microsoft, whit Redmond-based company criticizing the NSA for holding on to exploits.