Viernes, 19 Octubre, 2018

Shadow Brokers teases more Windows exploits and cyberespionage data

Marcus Hutchins Video Cyberattack hero says lack of patch caused hack
Eleena Tovar | 20 May, 2017, 03:43

Is being like wine of month club.

These were then used by as-yet unidentified attackers to help spread "WannaCry" ransomware that hijacked computers around the world on Friday, causing chaos in hospitals and telecoms firms. The gang says that potential buyers would have to pay the subscription fee the data is locked behind but, other than that, practically everyone could buy it and used it for whatever purposes, terrorist organizations included.

It alleges the data could include "compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs", as well as exploits for Windows 10, handset exploits, and stolen data from central banks. "What members doing with data after is up to members".

The hacking group said it would release tools to subscribers each month or would "go dark permanently" if the "responsible party" bought all the tools for a lump sum, suggesting that the Shadow Brokers could be willing to hand over stolen hacking tools to the NSA for a price.

Even though the crooks behind the real WannaCry infection are still unknown, one thing is certain and this is the fact that Shadow Brokers stole the malware from the NSA.

Shadow Brokers came to public attention last August when it mounted an unsuccessful attempt to auction off a set of older cyber-spying tools it said were stolen from the US National Security Agency.

The leaks, and the global WannaCry virus attack, have renewed debate over how and when intelligence agencies should disclose vulnerabilities used in cyber spying programs to so that businesses and consumers can better defend themselves against attacks.

"ShadowBrokers are back" tweeted Matthieu Suiche, a French hacker and security researcher who has tracked the group.

Calling themselves the Shadow Brokers, the group first appeared in 2016 claiming that they had access to 75% of the United States cyber arsenal, which they offered to auction to the highest bidder. But the naming of Windows 10 specifically will undoubtedly set Microsoft, its partners and corporations using the latest version of Windows, which until now has been unaffected by WannaCry, on edge.

The group claims that a screenshot it posted in January alerted the Equation Group that it had access to the EternalBlue exploit, and that this was responsible for Microsoft missing a security update in February. The US government has not commented directly on the matter.