In a convoluted post on Steemit.com and shared on the mysterious group's Twitter account, Shadow Brokers says it has more exploits and attack tools in its possession. It's been able to spread so quickly by sneaking through an infected computer's network, using a server messaging blocking exploit in outdated Windows computers.
"The Equation Group are our nation's top hackers", he says, referring to the group which Shadow Brokers claims to have pilfered a stockpile of exploits and tools.
The hackers have not offered proof that they possess any more data, but have alleged that their collection includes Windows 10 exploits, banking information, and "compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs".
The hacking group dubbed its new monthly subscription model "TheShadowBrokers Data Dump of the Month;" the service kicks off in June.
Subscribing to the service "is being like wine of month club" (sic), the group writes. The gang says that potential buyers would have to pay the subscription fee the data is locked behind but, other than that, practically everyone could buy it and used it for whatever purposes, terrorist organizations included. What members doing with data after is up to members.
After learning that one of its most prized hacking tools was stolen by a mysterious group calling itself the Shadow Brokers, National Security Agency officials warned Microsoft of the critical Windows vulnerability the tool exploited, according to a report published Tuesday by The Washington Post.
Shadow Brokers were the first to reveal the vulnerabilities that led to the release of the WannaCry virus and it looks like they are back with a bang.
The Washington Post reported that NSA officials had discussed whether EternalBlue was risky enough for them to reveal it to Microsoft.
However, commentators state that the NSA "got lucky", as The Shadow Brokers appeared to have the exploit months before Microsoft was able to patch it. It renewed debate over how and when intelligence agencies must disclose vulnerabilities used in cyber spying programs.
Hacking tools believed to belong to the NSA that were leaked online last month were built into WannaCry ransomware - also known as WannaCrypt - that swept the globe on Friday.
RiskSense has been tracking the Shadow Brokers since last August, when it released a zero-day exploit "Extra Bacon" for Cisco ASA firewalls that potentially allowed attackers to access internal networks. But the naming of Windows 10 specifically will undoubtedly set Microsoft, its partners and corporations using the latest version of Windows, which until now has been unaffected by WannaCry, on edge. However, as researcher Marcy Wheeler points out, simply threatening these leaks can strain relationships between Microsoft and the U.S. government, which may be the real aim. "Microsoft has been critical of the USA government over this stockpiling of vulnerability code, and said this was equivalent to the government losing it stock of 'Tomahawk missiles". The blog post criticizes the global technology giants and their relation with the U.S government.