The ShadowBrokers hacker collective, known for the theft of NSA exploit toolkits that ultimately led to the WannaCrypt ransomware outbreak last week, have seemingly announced that they are starting a LootCrate-esque subscription service where fellow black-hats can get exploits, logins and backdoors sent to them monthly, unless someone pays their desired ransom in exchange for the entire library.
In a post on Steemit, an alleged representative of the group made the announcement in frustratingly (and likely intentionally) poor English, replete with lewd remarks directed toward various individuals, while denying culpability for the WannaCrypt epidemic and instead blaming national governments and IT companies for not purchasing the exploits when the group tried to auction them last year.
In June, TheShadowBrokers is announcing “TheShadowBrokers Data Dump of the Month” service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.
TheShadowBrokers Monthly Data Dump could be being:
- web browser, router, handset exploits and tools
- select items from newer Ops Disks, including newer exploits for Windows 10
- compromised network data from more SWIFT providers and Central banks
- compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs
More details in June.
OR IF RESPONSIBLE PARTY IS BUYING ALL LOST DATA BEFORE IT IS BEING SOLD TO THEPEOPLES THEN THESHADOWBROKERS WILL HAVE NO MORE FINANCIAL INCENTIVES TO BE TAKING CONTINUED RISKS OF OPERATIONS AND WILL GO DARK PERMANENTLY YOU HAVING OUR PUBLIC BITCOIN ADDRESS
The author of the post states that the collective is not interested in bug bounties or helping hackers with ill intentions, and that the entire theft and subsequent distribution attempts has been as an act of aggression toward The Equation Group, the cyberwarfare division of the NSA that the group accuses of paying developers to keep significant security risks unpatched so that they can be exploited.
ThePeoples is asking “why not do X or Y or Z?” “Why auction?” TheShadowBrokers is not being interested in bug bounties, selling to cyber thugs, or giving to greedy corporate empires. TheShadowBrokers is taking pride in picking adversary equal to or better than selves, a worthy opponent. Is always being about theshadowbrokers vs theequationgroup.
In April, 90 days from theequationgroup show and tell, 30 days from Microsoft patch, theshadowbrokers dumps old Linux (auction file) and windows ops disks. Because why not? TheShadowBrokers is having many more where coming from? “75% of U.S. cyber arsenal” TheShadowBrokers dumped 2013 OddJob from ROCTOOLS and 2013 JEEPFLEAMARKET from /TARGETS. This is theshadowbrokers way of telling theequationgroup “all your bases are belong to us”. TheShadowBrokers is not being interested in stealing grandmothers’ retirement money. This is always being about theshadowbrokers vs theequationgroup.
Read the entire migraine-inducing stream of hybrid pidgin-Arabic pseudo-1337speak drivel at Steemit.