Group linked to NSA spy leaks threatens sale of new tech secrets

Posted May 21, 2017

"Each month peoples can be paying membership fee, then getting members only data dump each month".

National security journalist Marcy Wheeler has suggested that Shadow Brokers' recent claims of a new Windows 10 exploit might be a deliberate attempt to inflame tensions between Microsoft and the United States government. The group, which previously released legitimate information, branded the move a "data dump of the month" service.

The threat with the most teeth, however, is the claim that The Shadow Brokers could have more exploits to release, targeting mobile devices or Windows 10, as well as leaked data from the SWIFT banking system or nuke and missile programs in Russia, Iran, China or North Korea.

"TheShadowBrokers is not being interested in bug bounties, selling to cyber thugs, or giving to greedy corporate empires", the statement continued.

The group responsible for the release of the National Security Agency (NSA) code used in the WannaCry ransomware attack has said it will open a member's club for those wanting access to similar tools. It said it was "taking pride in picking adversary equal to or better than selves, a worthy opponent" and that it was "always being about theshadowbrokers vs theequationgroup [a sophisticated hacking team believed to be operated by the NSA ]".

The Shadow Brokers was responsible for leaking EternalBlue, the Windows SMB exploit that was used by attackers in recent days to infect hundreds of thousands of computers around the world with the WannaCry ransomware program.

The cyber security community has been combing through the blog post and other indicators for the Shadow Broker's intentions. It is not known who is behind the Shadow Brokers.Derek Manky, global security strategist at cyber security firm Fortinet, said he thinks WannaCry is probably the worst that will come from the Shadow Brokers' publicly dumped toolkit, though the group may have held back from public revealing everything it obtained "Out of that batch, it is probably a high-water mark", Manky said.

WannaCry spread using a flaw in versions of the Microsoft Windows operating system that were leaked in mid-April by Shadow Brokers, which said it had found the exploits in NSA servers that it had breached earlier. Microsoft has connected previous exploits of its products released by the mysterious Shadow Brokers group to tools which were stolen from NSA cyber warfare operations. "An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen."Some major technology companies, including Alphabet Inc's Google (GOOGL.O) and Facebook Inc (FB.O), declined comment on the Microsoft statement".

The NSA has not commented on Shadow Brokers since the group emerged a year ago, or the contents of past leaks.