NSA hackers threaten sale of tech secrets


As is to be expected, the group notes that what members do with the exploits is completely up to them. The US government has not commented directly on the matter.

The Shadow Brokers had originally tried to sell the stolen tools in an auction, but backed down after receiving no bidders.

He says cyber security leaders should pay attention to what Shadow Brokers does next. Some speculate it may be a disgruntled US government employee or a foreign intelligence agency (see Mystery Surrounds Breach of NSA-Like Spying Toolset).

Despite the availability of fixes, the exploits that the Shadow Brokers still have could lead to even more damage on a global scale. That's the nickname for what's believed to be the NSA's Tailored Access Operations, the former name for its network infiltration unit.

"TheShadowBrokers is launching new monthly subscription model", it explained. This data dump is also said to carry information on banks using the SWIFT worldwide money transfer network. According to them, the list includes "web browser, router, handset exploits and tools, exploits for Windows 10, compromised network data from more SWIFT providers and Central banks".

The group is clearly emboldened by its success (if you want to call it that), after releasing numerous zero-day exploits acquired from the NSA's Equation Group, after they were left on a staging server. All versions of Windows except the latest one were vulnerable. Whoever developed WannaCry then used the exploit to distribute its ransomware, while also adding a self-replicating capability that had a devastating impact. Although experts advise speedy patching, organizations often delay until quality checks are completed to ensure other applications aren't hampered by the software changes. More than 300,000 computers have been infected by the WannaCry malware since Friday, locking down computers and robbing businesses and individuals of potentially important files.

While the motives of the Shadow Brokers remain unknown, it claimed that it wasn't interested in the bug bounties paid by software firms for vulnerabilities found in their code or in selling to "cyber thugs".

Alternatively, the Shadow Brokers appears to be giving the NSA or any other organization that has leaked cyber warfare kits a chance to buy back the whole lot and avoid the release of the tools. Had that advice been widely followed, WannaCry wouldn't have had nearly the impact that it ultimately had. The group said that the data would be locked behind a subscription fee, but, beyond that, they do not care who buys the data or for what objective it is used.

The hacker group started off by mocking the security practices of TheEquationGroup (read as NSA). They're planning to release more NSA hacking tools in June, offering access to them to anyone willing to pay.

Extract from the Shadow Brokers' Tuesday post.

A group of hackers that previously leaked alleged U.S. National Security Agency exploits claims to have even more attack tools in its possession and plans to release them in a new subscription-based service. It also suggests North Korea was behind the WannaCry ransomware outbreak.

"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage," said Microsoft's Brad Smith. "An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen."

They were easy to exploit because they were not getting regular security patches from Microsoft automatically. But that argument is hard to follow due to the Shadow Brokers' poor English, which some observers believe may be intentional.
