White hat hackers hope to crowd-source a $20k Shadow Brokers subscription

A team of security researchers will attempt to raise funds to purchase a $23,000 subscription to future leaks from the group that released the Windows exploit that made WannaCry ransomware mainstream news.

The crowd-funding campaign is being launched by a group that calls itself Shadow Brokers Response Team, which is led by security researcher Mathew Hickey, a co-founder of a security firm Hacker House who’s also known on Twitter as Hacker Fantastic. The other member of the team is a security researcher called x0rz.  

Hickey has been closely tracking the leaks from the Shadow Brokers hacking group. They’ve released four batches of once secret files from the NSA, including weaponized exploits for Windows machines, Cisco routers, and Linux. The most damaging leak came in mid-April with the EternalBlue exploit, which was adopted by WannaCry to spread among mainly Windows 7 PCs without Microsoft's March security patch.   

In the wake of the WannaCry outbreak, the Shadow Brokers teased a monthly subscription to what they claimed would be several potent hacking tools. 

Today the group revealed the service will commence in June and cost 100 units of Zcash, a Bitcoin-like cryptocurrency. This converts to around $23,000. The Shadow Brokers Response Team is attempting to raise £17688.29 at the current exchange rate.     

Hickey told the BBC today that Hacker House was considering buying the subscription, however there is still uncertainty about its contents, despite the credibility of the group’s previous leaks. 

The Shadow Brokers’s latest post only promises to deliver “something of value to someone”, however earlier this month they said it would release exploits for browsers, routers, phones, and Windows 10. It’s also threatened to leak data allegedly taken by the NSA about SWIFT providers, central banks, and details about nuclear and missile programs of Russia, China, Iran, and North Korea. 

The subscription is aimed at “high rollers, hackers, security companies, OEMs, and governments”, though it’s unclear whether the hacking group would sell a license to group that pooled funding.  

Mikko Hypponen chief researcher at Finnish security firm F-Secure suggested the firm may also considering a subscription since the previous leak led to WannaCry. 

Security researcher Kevin Beaumont advised against supporting the crowd-funding campaign sine it would indirectly fund crime. Instead, he said the NSA should simply tell all vendors of bugs that were leaked since they’re now being traded on the black market. This would allow vendors to patch the flaws.     

Hickey’s fund-raising page says this is a “damned if you do, damned if you don’t situation”.  

“Powerful previously unidentified attack tools have been in possession of at least two separate groups over the course of the last few years. If these tools are not purchased by ethical and responsibly acting parties, they could be obtained by more criminal groups and used to perform cyber attacks,” the page reads. 

Tags Windowsnsaexploit

Show Comments