The mysterious hacking group calling themselves “The Shadow Brokers” has apparently decided to put an end to their failed attempts to sell exploits and hacking tools they claimed to have stolen from the NSA-linked Equation Group.
The news arrives only several days after the group put up for sale a series of Windows exploits and hacking tools, the first of the kind to have been associated with the stolen tools so far. The offering also included what appeared to be anti-virus bypass utilities.
Since August 2016, the group has been releasing firewall exploits, implants and other tools supposedly used by the Equation Group in their cyber-related activities. The initial batch of released exploits and implants was targeting firewalls from Fortinet, Chinese company TOPSEC, Cisco, Juniper Networks, WatchGuard and several unknown vendors.
Although the group released a second batch of exploits in October, they weren’t looking to make all of the stolen tools available for free, and soon decided to put them up for auction, but failed to reach the targeted goal of 10,000 Bitcoins. Next, they attempted a crowdfunding effort, but that failed as well.
The group then set up a website using the BitTorrent-powered ZeroNet peer to peer web platform, and put the available exploits and other tools up for direct sale, for a total of only 1,000 Bitcoins (around $800,000).
Now, the website the group used for direct sales is informing visitors that the Shadow Brokers have decided to go dark, because continuing their activity is too risky and brings few results. In fact, the group makes it clear that their main goal was to sell the stolen exploits for cash, and that the release of free tools was only a marketing move.
Since there are “no Bitcoins in free dumps and giveaways,” the Shadow Brokers are making an exit, but they leave a door open for those who might be interested in what they have to offer. The group posted a Bitcoin address, saying that they would return from hiding if they receive 10,000 Bitcoins. This offer, they say, has no expiration date.
Before making the exit, however, the group decided to release some more freebies, this time a series of 58 Windows hacking tools that Kaspersky’s anti-virus can detect. The batch is included in an archive available on the group’s website: https://onlyzero [.] net / theshadowbrokers.bit /.