Shadow Brokers resurface, offer to sell fresh 'wine of month' club exploits

Data dump on monthly subscription model


The infamous Shadow Brokers hacking crew, central players in the release of the vulnerability that led to last week's WannaCrypt chaos, have returned online with a threat to release more exploits.

WannaCrypt used the EternalBlue exploit and DoublePulsar backdoor developed by the NSA. These tools were dumped by the Shadow Brokers last month after a failed attempt to auction off the exploits.

Microsoft patched the underlying vulnerability (MS17-010) in supported operating systems during the March edition of its regular Patch Tuesday updates. The WannaCrypt fallout prompted Redmond to take the highly unusual step of releasing patches for unsupported operating systems including Windows XP.

In a long post, the Shadow Brokers criticise government and IT industry firms for not snapping up the exploits when it had the chance, months before their release. It references its posting of screenshots of Windows exploits from its haul, a development it credits for Microsoft's release of an SMB (Server Message Block) patch in March, before attempting to justify its release of tools a month later in April, warning there was a lot more where that came from.

In April, 90 days from theequationgroup show and tell, 30 days from Microsoft patch, theshadowbrokers dumps old Linux (auction file) and windows ops disks. Because why not? TheShadowBrokers is having many more where coming from? "75% of U.S. cyber arsenal".

TheShadowBrokers dumped 2013 OddJob from ROCTOOLS and 2013 JEEPFLEAMARKET from /TARGETS. This is theshadowbrokers way of telling theequationgroup "all your bases are belong to us". TheShadowBrokers is not being interested in stealing grandmothers' retirement money. This is always being about theshadowbrokers vs theequationgroup.

The NSA's EquationGroup has spies inside Microsoft and other U.S. technology companies, the Shadow Brokers allege. The hacking group says it plans to sell off new exploits every month from June onwards. Windows 10, web browser and router exploits along with "compromised network data from more SWIFT providers and Central banks" are among the items that might be offered through the "dump of the month" service.

In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.

The Shadow Brokers' motives are far from clear. The group said it would shut down operations permanently providing a "responsible party is buying all lost data before it is being sold", a comment seemingly addressed towards the NSA. ®


Other stories you might like

  • AWS adds bare metal support to EKS Anywhere
    And throws some cold water on the 'K8s works best inside a VM' argument

    Amazon Web Services has made a small but important change to its EKS Anywhere on-prem Kubernetes offering – the option to install it on bare metal servers instead of exclusively inside a VMware vSphere environment.

    "Amazon EKS Anywhere on bare metal enables customers to automate all steps from bare metal hardware provisioning to Kubernetes cluster operations using a bundled open source toolset built on the foundation of Tinkerbell and Cluster API," states the cloud colossus's announcement of the offering.

    The offering is free, but AWS generously offers service subscriptions.

    Continue reading
  • Windows 11: The little engine that could, eventually
    Stalled marketshare seems to be creeping upwards again in consumer, enterprise – but adoption still a slog

    Advertising company AdDuplex has published its latest set of Windows usage figures and it looks like there might be light at the end of the tunnel for Windows 11.

    Only the most ardent Microsoft apologists would insist all is well with Windows 11 adoption. Share growth of the OS stalled earlier this year and between March and April, with AdDuplex registering less than a 0.4 per cent increase. Windows 11 stood at a 19.7 per cent share, well behind the 35 percent and 26.4 percent of Windows 10 21H2 and 21H1 respectively.

    The figures for the end of June show Windows 11 has clawed its way to a 23.1 percent share of PCs surveyed by AdDuplex, within touching distance of the chunk occupied by Windows 10 21H1 (23.9 percent) but still a long way behind Windows 10 21H2, which grew its share to 38.2 percent. Microsoft itself has not produced any official usage statistics.

    Continue reading
  • Tencent Cloud slaps googly eyes on a monitor, says it can care for oldies
    It's called 'i-Care' and it screams 'I don't, actually'

    Tencent Cloud has released an odd robot-adjacent device designed to provide telemedicine services.

    The effort is called i-Care and is the result of a tie up with USA-based IT services Millennium Technology Services (MTS)'s subsidiary Invincible Technology. The two companies set out to create "a digital solution that aims to improve patients' experience and quality of life as well as draw patients, families and caregivers closer than ever."

    "Customers' habits and expectations have evolved dramatically over the last few years across various industries including the medical and healthcare field, driven by the further emergence of digital technologies and cloud computing," said Tencent Cloud in a canned statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022