Security Experts:

Shadow Brokers Want $20,000 for Monthly Leaks

The Shadow Brokers have provided more details on the monthly subscription service announced two weeks ago. Those interested in obtaining exploits and other information from the group will have to pay a monthly fee of roughly $20,000.

The Shadow Brokers announced the “monthly dump service” following the WannaCry ransomware attacks, which leveraged an exploit leaked by the group. The exploit in question, dubbed EternalBlue, was one of the many files allegedly stolen from the NSA-linked actor known as the Equation Group.

The hackers have insisted that their main goal is to make money, and since their previous attempts have had little success, they have now decided to offer the remaining Equation Group files for a monthly fee.

While some experts believe the most important files may have already been made public, the group claims it’s still in possession of a lot of data, including exploits for Windows 10, web browsers, routers and smartphones, SWIFT network data, and information on nuclear and missile programs in Russia, China, Iran and North Korea.

The first monthly dump will be made available sometime between July 1 and July 17. The hackers claim they have yet to decide on what to leak, but it will be “something of value to someone.”

Individuals and organizations that want to receive the files will have to pay 100 units of Zcash, a digital currency advertised as “permissionless cryptocurrency that can fully protect the privacy of transactions using zero-knowledge cryptography.”

The 100 Zcash, currently worth roughly $20,000, must be sent to a specified address during the month of June along with an email address to which the files will be delivered. The group said the files will be sent out as a “mass email,” which indicates that all subscribers will receive the same files.

The Shadow Brokers said they realize that $20,000 is not an amount anyone can pay, and pointed out that the monthly dump service is mainly for security companies, governments, OEMs, hackers and “high rollers.” The hackers noted that there are also some risks associated with Zcash, which they can’t guarantee is safe and reliable.

The Shadow Brokers had previously attempted to monetize the Equation Group exploits through auctions, crowdfunding campaigns, and direct sale, but none of the methods was as successful as the group had hoped.

Their latest attempt could be more successful considering that the monthly subscription fee is significantly smaller compared to the thousands of bitcoins they previously demanded. Matthew Hickey, co-founder of security firm Hacker House, has proposed launching a Kickstarter campaign to raise the money. Once the exploits are obtained, they would be analyzed and disclosed responsibly to affected vendors. However, not everyone agrees with the idea.

To date, the Shadow Brokers have managed to earn only 10.5 bitcoins, which is currently worth roughly $24,000. F-Secure’s Mikko Hypponen noticed recently that the hackers had emptied their original Bitcoin wallet and started distributing the money to tens of other addresses.

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.