Shadow Brokers spew Windows hack tools after exploit auction flop

Screw you, guys, we're going home


Security exploit peddlers Shadow Brokers announced their retirement on Thursday – and released 58 tools for hacking Windows PCs for free by way of a parting gift.

The shady group is essentially giving up, and shoving malicious code – most of which is detected by Kaspersky and a few other antivirus makers – into the hands of as many miscreants and researchers as possible. The tools can be used to hijack and remotely control vulnerable Windows systems.

The group is best known for running pretty much unsuccessful auctions of exploits and vulnerabilities sourced from the Equation Group – a collection of elite NSA hackers. Documents leaked by intelligence whistleblower Edward Snowden provide firm evidence that hacking tools previously leaked by the Shadow Brokers included malware and exploits that began life at the spying agency.

In its parting note, the brokers said their operation was always about the money and that they would only come out of retirement if their “fans” filled its coffers with 10,000 BTC ($7.9m). Although it’s departing the scene, at least for now, the gang is allowing a sale of Windows hacking tools it opened earlier this week to run on uninterrupted.

Would-be buyers can purchase the entire database of hacking tools that The Equation Group used for 750 BTC ($591K). A good rundown of what’s in the farewell dump, and wider context of Shadow Brokers’ latest shenanigans, can be found in a blog post by Danish security outfit Heimdal Security, here. ®

Similar topics


Other stories you might like

  • Euro-telcos call on big tech to help pay for their network builds

    Aka 'rebalancing global technology giants and the European digital ecosystem'

    The European Telecommunications Network Operators' Association (ETNO) has published a letter signed by ten telco CEOs that calls for, among other things, Big Tech to pay for their network builds.

    The letter, signed by the CEOs of the Vodafone Group, BT Group, Deutsche Telekom, Telefónica, Orange Group and five more telco leaders, calls for a "renewed effort to rebalance the relationship between global technology giants and the European digital ecosystem".

    "A large and increasing part of network traffic is generated and monetized by Big Tech platforms, but it requires continuous, intensive network investment and planning by the telecommunications sector," the letter states, adding "This model – which enables EU citizens to enjoy the fruits of the digital transformation – can only be sustainable if such platforms also contribute fairly to network costs."

    Continue reading
  • AI-enhanced frog stem cells start to replicate in entirely new ways

    Xenobots scoop up loose cells to make more of themselves. We welcome our new overlords

    In January of 2020, scientists from the University of Vermont announced they had built the first living robots; this week they have published reports that those robots, made from frog cells and called Xenobots, can reproduce and have found a new way to do so.

    The millimetre-sized xenobots are essentially a computer-designed collection of around 3,000 cells. They were created by taking stem cells from frog embryos, scraping them, leaving them to incubate, then cutting them open and sculpting them into specific shapes. After all that action, the cells began to work on their own – auto-repairing when sliced and moving about inside petri dishes.

    With a little design tweak, the creatures could do even more. "With the right design, they will spontaneously self-replicate," said University of Vermont researcher Joshua Bongard, Ph.D. in a canned statement.

    Continue reading
  • Panasonic admits intruders were inside its servers for months

    Spotted the crack after it ended – still not sure what was lost

    Japanese industrial giant Panasonic has admitted it's been popped, and badly.

    A November 26 statement [PDF] from the company admits that its network "was illegally accessed by a third party on November 11, 2021". That date has since been revised – the company now says it became aware of the intrusion on the 11th, but that unknown entities had access to its systems from late June to early November.

    "After detecting the unauthorized access, the company immediately reported the incident to the relevant authorities and implemented security countermeasures, including steps to prevent external access to the network," the statement adds.

    Continue reading

Biting the hand that feeds IT © 1998–2021