News over the past week has been dominated by the fallout from the WannaCry ransomware. Now the hacking group that released the NSA's hacking tool kit into the wild has announced plans to start an exploit subscription service in June.
ShadowBrokers used a blog post to announce that next month will see the launch of "TheShadowBrokers Data Dump of the Month" service. Described as "being like wine of month club," such a subscription service would attract a great deal of interest from intelligence agencies and would-be hackers alike, particularly if -- as the group suggests -- it includes access to Windows 10 exploits.
In a characteristically stylistic and rambling blog post entitled "OH LORDY! Comey Wanna Cry Edition," the hacking group said it has been "eating popcorn and watching 'Your Fired' and WannaCry." But if what the group says is to be believed, things could start to get messy again next month. Threatening to release not just Windows 10 exploits but also compromised data from banks, and "web browser, router, handset exploits and tools," ShadowBrokers says:
In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.
This is a very similar attitude to the one it adopted with the previous NSA dump. The potentially dangerous tools were made publicly available leading to weaponization in the form of WannaCry. But the potential crisis could be averted. For a price. In shouty caps the group says:
OR IF RESPONSIBLE PARTY IS BUYING ALL LOST DATA BEFORE IT IS BEING SOLD TO THEPEOPLES THEN THESHADOWBROKERS WILL HAVE NO MORE FINANCIAL INCENTIVES TO BE TAKING CONTINUED RISKS OF OPERATIONS AND WILL GO DARK PERMANENTLY YOU HAVING OUR PUBLIC BITCOIN ADDRESS
We'll just have to wait and see what happens in June. If the group does not receive the pay-out it seeks, and if the suggested Windows 10 exploits are real, there is potential for serious problems over the summer.