Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Shadow Brokers Want $20,000 for Monthly Leaks

The Shadow Brokers have provided more details on the monthly subscription service announced two weeks ago. Those interested in obtaining exploits and other information from the group will have to pay a monthly fee of roughly $20,000.

The Shadow Brokers have provided more details on the monthly subscription service announced two weeks ago. Those interested in obtaining exploits and other information from the group will have to pay a monthly fee of roughly $20,000.

The Shadow Brokers announced the “monthly dump service” following the WannaCry ransomware attacks, which leveraged an exploit leaked by the group. The exploit in question, dubbed EternalBlue, was one of the many files allegedly stolen from the NSA-linked actor known as the Equation Group.

The hackers have insisted that their main goal is to make money, and since their previous attempts have had little success, they have now decided to offer the remaining Equation Group files for a monthly fee.

While some experts believe the most important files may have already been made public, the group claims it’s still in possession of a lot of data, including exploits for Windows 10, web browsers, routers and smartphones, SWIFT network data, and information on nuclear and missile programs in Russia, China, Iran and North Korea.

The first monthly dump will be made available sometime between July 1 and July 17. The hackers claim they have yet to decide on what to leak, but it will be “something of value to someone.”

Individuals and organizations that want to receive the files will have to pay 100 units of Zcash, a digital currency advertised as “permissionless cryptocurrency that can fully protect the privacy of transactions using zero-knowledge cryptography.”

The 100 Zcash, currently worth roughly $20,000, must be sent to a specified address during the month of June along with an email address to which the files will be delivered. The group said the files will be sent out as a “mass email,” which indicates that all subscribers will receive the same files.

The Shadow Brokers said they realize that $20,000 is not an amount anyone can pay, and pointed out that the monthly dump service is mainly for security companies, governments, OEMs, hackers and “high rollers.” The hackers noted that there are also some risks associated with Zcash, which they can’t guarantee is safe and reliable.

The Shadow Brokers had previously attempted to monetize the Equation Group exploits through auctions, crowdfunding campaigns, and direct sale, but none of the methods was as successful as the group had hoped.

Their latest attempt could be more successful considering that the monthly subscription fee is significantly smaller compared to the thousands of bitcoins they previously demanded. Matthew Hickey, co-founder of security firm Hacker House, has proposed launching a Kickstarter campaign to raise the money. Once the exploits are obtained, they would be analyzed and disclosed responsibly to affected vendors. However, not everyone agrees with the idea.

To date, the Shadow Brokers have managed to earn only 10.5 bitcoins, which is currently worth roughly $24,000. F-Secure’s Mikko Hypponen noticed recently that the hackers had emptied their original Bitcoin wallet and started distributing the money to tens of other addresses.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.