Shadow Brokers, the group now famous for leaking the NSA hacking tools EternalBlue and DoublePulsar, which were used to infect computers worldwide in the WannaCry ransomware attack, is announcing a new dump service through which it will leak additional exploits to monthly subscribers.
The new dump service
Soon after the WannaCry attack in mid-April, the group posted a teaser in mid-May saying that it had new exploits that it would provide for a fee.
This is not the first time that the group has tried to commercialize its activities. Recently, it launched public auctions, crowdfunding campaigns and tried selling other exploits but failed to make any progress.
The new exploits include those related to Windows 10
As part of the dump service, the group has claimed in a post that the new exploits include ones for Windows 10, mobile handsets, web browsers, and routers.
In order to subscribe, one has to go to a link provided by the group. The user then has to send payment in Zcash – a cryptocurrency similar to Bitcoin – and give a delivery email address.
A confirmation email will then be sent, and a mass email to subscribers will contain a link and password that provide access to the exploits.
From Bitcoin to Zcash
As you may have noticed, Shadow Brokers has switched from Bitcoin to Zcash. Zcash is yet another cryptocurrency, but unlike Bitcoin, it offers much-enhanced anonymity.
That is, transactions conducted through Zcash cannot be traced back to any address, and as such it is much more private. This is probably the reason why Shadow Brokers switched to Zcash.
In fact, it has been reported that the group had moved its 10.5 bitcoins – equivalent to $24,000 – by hiding them behind a number of micro-transactions so as not to get spotted. With Zcash, this is much easier since one’s addresses are not revealed.
Is the service legit?
Whether the exploits are actually with the group or not still remains a question. However, in an attempt to divert the attention of its customers, Shadow Brokers created hype by saying that Zcash is involved with the US intelligence agency.
Experts say that this indicates that the group does not actually have the exploits that it claims to have. Rather, the dump service is simply an attempt to get more cash, and the group is creating paranoia by announcing that Zcash has ties with the US government.
It is likely that this is yet again a major fraud, since the group is charging 100 Zcash, equivalent to $20,000, to subscribe to its service. Only time will tell whether the group has some other plans up its sleeve.
Folks, EternalBlue was worth $1 mil+ on the exploit market. No way @shadowbrokerss makes that in ~$20k increments. This isn't about money.
— Jake Williams (@MalwareJake) May 30, 2017