News

Shadow Brokers Announce Exploit Subscription

By admin
Spread the love

The group called “Shadowbrokers” has announced a monthly dump of exploits, security tools and sensitive information about nuclear programs, among other things. Interested parties can subscribe from June for a fee.

Various data may be part of the ‘Shadowbrokers Data Dump of the Month’ service. The group gives examples of exploits and tools for browsers, routers and handsets, new exploits for Windows 10, stolen data about Swift payment providers and central banks. In addition, the hacker group speaks of stolen network data from Russian, Chinese, Iranian or North Korean nuclear activities and missile programs.

It is not known what the costs for a subscription will be. In June, the group will officially introduce the service and then announce more details. Shadow brokers offer another way out for parties that want to prevent the data from becoming available to subscribers for a fee. If those parties buy up all the data at once, the group claims it has no financial incentive to continue. The group then promises to stop permanently.

In the statement, drafted in poor English, the group denounces the lack of bids in its previous auction and the direct sale offer of hacking tools. Neither The Equation Group, nor governments and security companies would have responded to the offer to get their hands on the tools for an amount of ten thousand bitcoins, after which the auction stopped.

The Equation Group is the source of the hacking tool. Security firms such as Kaspersky strongly suspect that the NSA is behind The Equation Group, due to the nature and complexity of the attacks by this hacker group, which has been in operation since 2001 and possibly longer. According to Shadowbrokers, former employees of The Equation Group work at tech companies, including Microsoft. Also in Google’s Project Zero, people from The Equation Group are said to be involved, the Shadow Brokers suspect: “Project Zero releases a wormable zero-day and Microsoft patches it in record time, knowing it came. Is that a coincidence?” In addition, the group hints that Microsoft gets paid not to patch vulnerabilities or to withhold patches.

Shadowbrokers themselves would have shown screenshots of Windows exploits at the beginning of this year to give Microsoft the opportunity to patch the vulnerabilities, the claim is. The exploits were later released and one of them, Eternalblue, uses a vulnerability in the SMB protocol. That vulnerability is now being exploited by the WannaCry ransomware.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

ASUS will produce and support NUC mini PCs after Intel exit