Group linked to NSA spy leaks threatens sale of new tech secrets

Postado Mai 19, 2017

According to them, the list includes "web browser, router, handset exploits and tools, exploits for Windows 10, compromised network data from more SWIFT providers and Central banks".

The leaks, and the global WannaCry virus attack, have renewed debate over how and when intelligence agencies should disclose vulnerabilities used in cyber spying programs to so that businesses and consumers can better defend themselves against attacks.

The ransomware Attack was because of the existing Windows XP systems throughout the world which had been announced unsupported by Microsoft after 2014.

In a taunting online message in broken English late Tuesday, the group said it will take payments beginning in June for monthly releases of computer hacks and vulnerability exploits like the one behind the global hacking wave.

It also threatened to dump data from banks using the SWIFT worldwide money transfer network and from Russian, Chinese, Iranian or North Korean nuclear and missile programmes, without providing further details. The post indicated those who are willing can pay a monthly membership fee and how members will use the data they purchase would be up to them.

A spokeswoman for Microsoft said it was preparing a response.

"They can't pay anywhere close to the mark", Dillon said.

"If one of our targets discovered we were using this particular exploit and turned it against the United States, the entire Department of Defense would be vulnerable", The Washington Post cited an unnamed former NSA agent as having said.

Shadow Brokers came to public attention last August when it mounted an unsuccessful attempt to auction off a set of older cyber-spying tools it said were stolen from the U.S. National Security Agency.

"ShadowBrokers are back" tweeted Matthieu Suiche, a French hacker and security researcher who has tracked the group.

Russian cybersecurity company Kapersky wrote the attack used an exploit method, "EternalBlue", originally developed by the NSA and released by a group calling itself the Shadowbrokers on April 14.

WannaCry ransomware attack: Hacker group Shadow Brokers have come out to warn that more such attacks could take place in the future.

It is unknown whether the Shadow Brokers genuinely have further tools stolen from the NSA or whether the group will make good on its threats. The NSA's practice of identifying security flaws in software, and then keeping those weaknesses secret so the NSA could continue to exploit them, led to widespread concern in the security community about what would happen if people outside the government were able to acquire that information - exactly what appears to have happened in this case. The US government has not commented directly on the matter.