More bugs may be released: Hacking group

Adjust Comment Print

The hacking group that says it facilitated the WannaCry ransomware attack has threatened to leak a new wave of hacking tools it claims to have stolen from the National Security Agency.

The hacking group said it would release tools to subscribers each month or would "go dark permanently" if the "responsible party" bought all the tools for a lump sum, suggesting that the Shadow Brokers could be willing to hand over stolen hacking tools to the NSA for a price.

The Shadow Brokers mentioned that the leaked data could contain web browser, router, handset exploits and tools, newer Ops Disks and exploits for Windows 10, compromised network data from Central banks and compromised network data from Russian, Chinese, Iranian, or North Korean nuclear and missile programs.

The latest Shadow Brokers' post criticizes global tech corporations as well as governments for not buying exploits in the past and thereby saving the public from an attack such as WannaCry. "Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn't bid in auction". The NSA supposedly realized what the Shadow Brokers had and told Microsoft.

In a long post, the Shadow Brokers criticise government and IT industry firms for not snapping up the exploits when it had the chance, months before their release.

The Shadow Brokers said it made a decision to share screenshots from the NSA Equation Group's lost 2013 Windows Ops Disk in January, with the understanding that the Equation Group would then tell Microsoft and the vulnerability would be patched. These tools were dumped by the Shadow Brokers last month after a failed attempt to auction off the exploits. Even with the patch Microsoft issued in March, the vulnerability remained an Achilles' heel that paralyzed key parts of the physical world.

More news: John Wall three-pointer sees Washington Wizards take Boston Celtics the distance

TheShadowBrokers dumped 2013 OddJob from ROCTOOLS and 2013 JEEPFLEAMARKET from /TARGETS.

Apparently, Shadow Brokers have already tried to sell information to several multinational companies, countries, and worldwide organizations, including the North Atlantic Treaty Organization, the UN, Microsoft, Apple, and Google, but none of them was interested in that kind of purchase. The post did not identify other products by name.

The rogue hackers have promised more details on their content-monetization strategy in June. "Is being very odd behavior for crimeware?"

Starting in 2016, Shadow Brokers has been leaking hacking tools linked to the NSA online. "Is being like wine of month club", its post states; Blue Apron for malware.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.