It feels as though it has been a while since we heard anything from the hacking group TheShadowBrokers. The group's latest data dump sees the release of the NSA's UNITEDRAKE exploit tool, and there's also a promise of two data dumps a month moving forward.
UNITEDRAKE is a remote access hacking tool that can be used to target Windows machines. Modular in nature, the malware can be expanded through the use of plugins to increase its capabilities so it can capture footage from webcams, tap into microphones, capture keystrokes, and more.
The group famously set up a subscription-based data dump service, and now it appears to be trying to drum up further interest -- and more money. TheShadowBrokers has posted to cloud storage service Mega its data dumps for August, September, October and November, but they are all encrypted. Not encrypted, however, is the manual that accompanies the August dump -- the manual for the NSA's UNITEDRAKE tool.
The move is being seen as a way of reassuring would-be subscribers that their money would not be going to waste.
The PDF for UNITEDRAKE reveals the tool to be a way of monitoring compromised computers running Windows XP, Vista, 7, 8 or Windows Server 2012.
In a post on Steemit -- its outlet of choice -- TheShadowBrokers group says:
Missing theshadowbrokers? If someone is paying then theshadowbrokers is playing.
Changes to Dump Service:
- Two dumps per month
- Zcash only, no Monero, delivery email in encrypted memo field
- Delivery email address clearnet only, recommend tutanota or protonmail, no need exchange secret, no i2p, no bitmessage, no zeronet
- Previous dumps now available, send correct amount to correct ZEC address
- September dumps is being exploits