Connect with us

Hi, what are you looking for?


Application Security

Crowdfunding for Acquiring Shadow Brokers Exploits Canceled

Researchers announced this week the launch of a crowdfunding initiative whose goal was to raise money to subscribe to the Shadow Brokers’ monthly exploit leaks. However, the funding campaign has been canceled due to legal reasons.

Researchers announced this week the launch of a crowdfunding initiative whose goal was to raise money to subscribe to the Shadow Brokers’ monthly exploit leaks. However, the funding campaign has been canceled due to legal reasons.

The hacker group called Shadow Brokers announced on Tuesday that interested parties can obtain exploits and information by paying a monthly fee of 100 Zcash (roughly $20,000). The hackers claim they possess a lot of data allegedly stolen from the NSA-linked Equation Group, including exploits, SWIFT network data, and information on nuclear and missile programs in Russia, China, Iran and North Korea.

A group led by Hacker House co-founder Matthew Hickey and the researcher known online as “x0rz” launched a Patreon-based crowdfunding campaign to raise the 100 Zcash needed to subscribe to the Shadow Brokers’ monthly dumps.

The plan was to immediately notify affected vendors of any zero-day exploits in hopes of avoiding another attack similar to the WannaCry ransomware, which leveraged a Windows SMB exploit leaked by Shadow Brokers. While Microsoft patched the flaw in March, weeks before the WannaCry attacks, many companies were not aware of the risks and neglected to patch it.

Hickey conducted a survey to get the infosec community’s view on the crowdfunding idea, and just over half of the roughly 1,800 votes supported the initiative. Some industry professionals pointed to the legal and ethical implications, while others noted that the Shadow Brokers have likely already leaked all the valuable exploits, or that they will leak the data anyway as they are simply doing it for the attention.

The project raised nearly $4,000 in just 36 hours, but the initiators of the campaign decided to pull the plug after seeking legal advice. The pledged bitcoins will be refunded or donated to the Electronic Frontier Foundation (EFF).

“If you ever want to hear a lawyer shout expletives at volume down a phone you need to call him and tell him that you have created the first open source crowd-funded cyber arms acquisition attempt,” Hickey said. “It transpires that should funds change hands from ours to the Shadow Brokers we would be certainly risking some form of legal complications. It was just too risky and the advice was under no circumstances to proceed further with this.”

Advertisement. Scroll to continue reading.

While it’s still not clear who is behind the Shadow Brokers – some point to Russia, while others to an NSA insider – Hickey said he learned that the group is linked to Russia’s Federal Security Service (FSB), which complicated the situation even further.

The Shadow Brokers have denied having anything to do with Russia and they claim their main goal is to make money. However, all their attempts, including auctions and crowdfunding initiatives, have so far failed. It remains to be seen if anyone signs up for their monthly dump service.

In the meantime, The Washington Post reported – and confirmed speculation – that it was the NSA who informed Microsoft about the Windows vulnerability exploited by WannaCry. The infosec community has been urging the intelligence agency to disclose the Equation Group exploits to affected vendors given that they could be made public at any time.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...