Hacking group to set up club for monthly NSA code releases
The Shadow Brokers say they could also leak data about Windows 10 vulnerabilities and foreign nuclear programmes.
Tuesday 16 May 2017 17:35, UK
The group responsible for the release of the National Security Agency (NSA) code used in the WannaCry ransomware attack has said it will open a member's club for those wanting access to similar tools.
The announcement was made in which made derisory references towards domestic American politics and the recent , and was titled "Comey Wanna Cry".
Calling themselves the Shadow Brokers, the group first appeared in 2016 claiming that they had access to 75% of the US cyber arsenal, which they offered to auction to the highest bidder.
Despite these attempts to monetise the stolen hacking tools, a number of them have been leaked to the general public by the group, which is believed to be Russian.
The tools and software exploits have been made generally available to both cybercriminals and security-inclined hackers, including .
In April these leaks included a software exploit named EternalBlue which was then used by the WannaCry ransomware running Windows, and which .
While the Shadow Brokers has stressed the financial value of the stolen hacking tools it holds, in its response to the WannaCry attack it repeatedly states that its aim "is always being about theshadowbrokers vs theequationgroup."
The Equation Group is the codename for a sophisticated threat actor in security research, which evidence suggests has ties to the NSA.
The group claims that a screenshot it posted in January alerted the Equation Group that it had access to the EternalBlue exploit, and that this was responsible for Microsoft missing a security update in February.
The patch eventually came out in March, a month before the EternalBlue exploit was made public, however computer systems which had not applied the patch were still vulnerable to attack.
The Shadow Brokers stated that future leaks could include exploits and hacking tools for web browsers, routers and handsets.
While the EternalBlue exploit did not affect Windows 10, the group said "newer exploits for Windows 10" could be provided, as well as "compromised network data" from international financial systems and foreign nuclear and missile programmes.