‘ShadowBrokers’ threatens to release more cyber attack tools

Security fences surround the National Security Agency's (NSA) Utah data collection center in Bluffdale, Utah near Salt Lake City on April 12, 2017.  The 1.5 billion USD data center, thought to be the largest in the world, with a reported size to be on the order of an exabytes or larger, supports the Comprehensive National Cybersecurity Initiative (CNIC) of the United States Government. / AFP PHOTO / GEORGE FREY

Security fences surround the National Security Agency’s (NSA) Utah data collection center in Bluffdale, Utah, near Salt Lake City on April 12, 2017. A shadowy group called ShadowBrokers is offering to release hacking tools stolen from the NSA, opening threats of more cyber attacks. AFP

WASHINGTON, United States — The mysterious ShadowBrokers group, which leaked the stolen hacking tool used in last week’s global cyber attacks, is threatening to release more such tools next month.

In a taunting online message in broken English late Tuesday, the group said it will take payments beginning in June for monthly releases of computer hacks and vulnerability exploits like the one behind the global hacking wave.

It also threatened to release compromised data from the international banking network and secret information on the nuclear and missile programs of Russia, China, Iran or North Korea.

READ: Hacker group releases password to alleged NSA files

“Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members,” the group wrote on the Steemit social blogging platform.

ShadowBrokers first surfaced last year offering for sale a suite of hacking tools stolen from the US National Security Agency, leaking bits to demonstrate what they had in their possession.

Who is behind the group is unknown, though they are believed to be based in Russia or Eastern Europe. But analysts believe the files are genuine and came from the NSA’s hyper-secret hacking unit dubbed the “Equation Group.”

ShadowBrokers’s trove included the NSA’s exploit tool for a Microsoft Windows vulnerability that was used in Friday’s “WannaCry” ransomware attack, which infected hundreds of thousands of computers in scores of countries.

ShadowBrokers is not believed to be the source of the ransomware attack itself, which some analysts say could be linked to North Korea.

READ: Expert finds more possible North Korea links to cyberattack

In the new online message, ShadowBrokers accused the Equation Group of not warning software makers like Microsoft of vulnerabilities that leave their products open to hacking and malware.

It said future releases could be prevented if the NSA or another “responsible party” bought back the stolen data.

“TheShadowBrokers is not being interested in stealing grandmothers’ retirement money. This is always being about theshadowbrokers vs theequationgroup,” they said. CBB

Read more...