Published: Sat, May 20, 2017
Research | By Elizabeth Houston

Shadow Brokers Warn of June Data Dump


A group that took credit for leaking NSA cyber spying tools - including ones used in the WannaCry global ransomware attack - has said it plans to sell code that can be used to hack into the world's most used computers, software and phones.

The group said it would shut down operations permanently providing a "responsible party is buying all lost data before it is being sold", a comment seemingly addressed towards the NSA.

While the EternalBlue exploit did not affect Windows 10, the group said "newer exploits for Windows 10" could be provided, as well as "compromised network data" from worldwide financial systems and foreign nuclear and missile programmes.

In a convoluted post on Steemit.com and shared on the mysterious group's Twitter account, Shadow Brokers says it has more exploits and attack tools in its possession. "Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn't bid in auction". "Microsoft has been critical of the United States government over this stockpiling of vulnerability code, and said this was equivalent to the government losing it stock of 'Tomahawk missiles".

Shadow Brokers were the first to reveal the vulnerabilities that led to the release of the WannaCry virus and it looks like they are back with a bang.

Even though the crooks behind the real WannaCry infection are still unknown, one thing is certain and this is the fact that Shadow Brokers stole the malware from the NSA.

How the 2019 Rugby World Cup could play out
England failed to advance from their "group of hell" in 2015, becoming the first hosts to exit before the knockout stage. The victor of the All Blacks pool will face the runner up in Pool A that includes Ireland , Scotland and Japan .

Hostages freed from mosque in Central African Republic
CAR Prime Minister Simplice Sarandji also condemned the attacks and vowed to bring those responsible to justice. This is not the first time peacekeepers have been targeted in the Central African Republic.

Tillerson on Russia: No 'free pass' on election interference
CNN said State released the same statement more than 20 minutes after Tillerson's remarks were distributed by the White House. Kislyak is a major figure in the investigation of Russian interference.

RiskSense has been tracking the Shadow Brokers since last August, when it released a zero-day exploit "Extra Bacon" for Cisco ASA firewalls that potentially allowed attackers to access internal networks. Microsoft had actually made a patch for this WannaCry vulnerability in March 2017 and rolled it to users but not many installed it.

"Shadow Brokers claim they are not "interested in stealing grandmothers" retirement money", but rather this whole fight is about them vs theequationgroup. Regarding the type of exploits the Shadow Brokers is promising to deliver, the group says it will deliver exploits for web browsers, routers, handsets and more.

"NSA identified a risk and communicated it to Microsoft, who put out an immediate patch", Mike McNerney, a former Pentagon cybersecurity official and a fellow at the Truman National Security Project, told The Washington Post. "Killswitch? Crimeware is caring about target country?"

In April, the hacker collective known as the Shadow Brokers, released a trove of Windows exploits and hacking tools which they claimed to have stolen from the NSA's cyber stockpile.

"Is being like wine of month club", they wrote in broken English.

Like this: