icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
31 May, 2017 01:55

Shadow Brokers offer new secrets to ‘high rollers & govts’ after helping create WannaCry

Shadow Brokers offer new secrets to ‘high rollers & govts’ after helping create WannaCry

The Shadow Brokers, a group that is thought to have stolen classified documents from the NSA that have been used to write the WannaCry malware, have offered to publish more of their document trove in exchange for a monthly subscription fee.

In a message posted in deliberately garbled English, the collective said that they would release the next batch of data in June to subscribers prepared to pay 100 units of Zcash, a new hard-to-trace cryptocurrency – currently the equivalent of about $23,000.

“Monthly dump is being for high rollers, hackers, security companies, OEMs, and governments. Playing ‘the game’ is involving risks,” said the group explaining the steep price and the choice of currency for the supposedly exclusive service, which it ironically called, “The Wine of the Month Club.”

In the FAQ attached to the offer, the hackers ask themselves: “What is going to be in the next dump?”

“TheShadowBrokers is not deciding yet. Something of value to someone,” ran the answer. “This is being wrong question. Question to be asking ‘Can my organization afford not to be first to get access to theshadowbrokers dumps?’”

The group trailed its subscription model earlier this month and at the time promised exploits, tools, and “compromised network data” from banks and “Russian, Chinese, Iranian, or North Korean nukes and missile programs.”

READ MORE: Shadow Brokers launches monthly subscription service offering nuclear, banking secrets

As per its usual practice, the NSA has not responded to the latest statement from the group. Experts previously concluded that the leaks were likely genuine NSA data, but partially outdated.

The Shadow Brokers, whose identity, motives, and whereabouts have not been verified, has been releasing hacked information since last summer. The group has repeatedly offered to sell its data through auctions and directly, though has mostly failed to attract substantial bids. Despite promising to sell the entire cache for 1 million bitcoin – currently more than $2.2 billion – on Tuesday, The Shadow Brokers removed the mere 10 Bitcoins it collected – about $24,000 – to a new address.

But despite the apparent inability to monetize the venture, the leaks have proved dangerous, and the WannaCry malware, which infected over 200,000 computers starting on May 12, used tools from The Shadow Brokers’ trove to create malware demanding a ransom from users in exchange for not having their files destroyed.

Some observers, including Edward Snowden, have speculated that the hackers are not after financial gain, but instead are a government-sponsored group, looking to expose, humiliate or warn the NSA.

READ MORE: Can the heart be hacked? Experts find 8,000 security flaws in pacemaker software