Published: Thu, May 18, 2017
Technology | By Tonya May

After WannaCry, the Shadow Brokers promise to unleash more NSA exploits soon

After WannaCry, the Shadow Brokers promise to unleash more NSA exploits soon

The hacker group claims that it still has 75 percent of the the US' cyber arsenal, and could release tools that exploit browser, router and phone vulnerabilities, as well as compromised network data from Russia, China, Iran and North Korea.

It said future releases could be prevented if the NSA or another "responsible party" bought back the stolen data. Though the Shadow Brokers' online statement did not mention any other tech industry product by name, there was mention of threats to dump data from banks using the SWIFT worldwide money transfer network and to dump data from Russian, Chinese, Iranian or North Korean nuclear and missile programs.

In their post, the Shadow Brokers have come out to warn the NSA and said they have access to "75 per cent of U.S. cyber arsenal".

"In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service", the group wrote in its open letter on the Steemit website Tuesday.

ShadowBrokers's trove included the NSA's exploit tool for a Microsoft Windows vulnerability that was used in Friday's "WannaCry" ransomware attack, which infected hundreds of thousands of computers in scores of countries. "Is being like wine of month club", its post states; Blue Apron for malware.

Sean Dillon, a senior security analyst at RiskSense, said the group has proven they possess highly effective tools so people, particularly criminals, are very willing to pay for what them.

To the Spaniards in the USA - Page 45 - Stormfront
It matters little to me that if you love us a lot or a little, I do not live there anyway, but it is still your opinion. This act says to restrict the immigration of Slavs, Arabs, East, Jews, and South Americans to the United States.

"The Equation Group are our nation's top hackers", he says, referring to the group which Shadow Brokers claims to have pilfered a stockpile of exploits and tools. While later reports have questioned how much of a role the Shadow Brokers actually had in the leak of the exploits, what is known without a doubt is that the exploits in their possession did indeed originate from the NSA, as confirmed by the Snowden documents.

RiskSense has been tracking the Shadow Brokers since last August, when it released a zero-day exploit "Extra Bacon" for Cisco ASA firewalls that potentially allowed attackers to access internal networks.

The Shadow Brokers originally tried selling off the stolen tools in an auction, but backed down after receiving no bidders.

The Shadow Brokers' post included its first commentary on WannaCry.

The post explains Shadow Brokers main motivation in its activities as a competition of sorts, pitting itself against the NSA. But if the subscription service launches in June as stated, he expects there will be subscribers.

Like this: