May 17, 2017
Group linked to NSA spy leaks that led to WannaCry threatens sale of fresh tech secrets
A group that took credit for leaking NSA cyber spying tools – including ones used in the WannaCry global ransomware attack – has said it plans to sell code that can be used to hack into the world's most used computers, software and phones.
Using trademark garbled English, the Shadow Brokers group said in an online statement that, from June, it will begin releasing software to anyone willing to pay for access to some of the tech world's biggest commercial secrets.
In the blog post, the group said it was setting up a "monthly data dump" and that it could offer tools to break into web browsers, network routers, phone handsets, plus newer exploits for Windows 10 and data stolen from central banks.
It said it was set to sell access to previously undisclosed vulnerabilities, known as zero-days, that could be used to attack Microsoft Corp's latest software system, Windows 10. The post did not identify other products by name.
It also threatened to dump data from banks using the SWIFT international money transfer network and from Russian, Chinese, Iranian or North Korean nuclear and missile programs, without providing further details.
"More details in June," it promised.
Shadow Brokers came to public attention last August when it mounted an unsuccessful attempt to auction off a set of older cyber-spying tools it said were stolen from the U.S. National Security Agency.
The leaks, and the global WannaCry virus attack, have renewed debate over how and when intelligence agencies should disclose vulnerabilities used in cyber spying programs to so that businesses and consumers can better defend themselves against attacks.
"ShadowBrokers are back" tweeted Matthieu Suiche, a French hacker and founder of the United Arab Emirates-based cyber security firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.
Hacking tools believed to belong to the NSA that were leaked online last month were built into WannaCry ransomware — also known as WannaCrypt — that swept the globe on Friday.
The attack stoked fears that the spy agency's powerful cyber weapons could now be turned to criminal use, ratcheting up cyber security threats to a whole new level.
The NSA has not commented on Shadow Brokers since the group emerged last year, or the contents of past leaks. It has not responded to repeated requests for comment about the ransomware attack.
A spokeswoman for Microsoft said it was preparing a response. Microsoft has connected previous exploits of its products released by the mysterious Shadow Brokers group to tools which were stolen from NSA cyber warfare operations.