In the past, you already read on Fossbytes that Shadow Brokers would come up with a subscription-based plan to reveal more 0-day bugs. The group had also posted a cryptic message detailing the “perks” that they have for the subscribers.
In a new encrypted message, the group has announced the release of their next dump, scheduled to happen sometime in July. However, to obtain the data, a person would have to pay the amount of $21,000 in Zcash – a cryptocurrency that’s almost impossible to track.
A sum of 100 ZEC needs to be paid to the Shadow Brokers between June 1 and June 30 to the Zcash address mentioned in the message along with the “delivery email address”.
The hacker group will send the username and password for the next release to all “confirmed subscribers” via an email between July 1 and July 17.
In their faq-style message, the hackers also say that they are yet to figure out what data would be the part of the dump. But as they’ve said in the past, it might include compromised data from banks, Windows 10 bugs, exploits for web browsers, routers, etc. and even stolen information about the North Korean nuclear missile programs.
They are promoting their next release like its done in TVC ads. “Act quickly, is good chance Zcash price increasing over time,” said the message.
Security researchers and white hat hackers around the world need to analyze every set of exploits released by such groups. Whether to go with their ethics or give the hackers the money in favor of the security of millions or even billions of devices globally, surely poses a moral dilemma for them.
“It certainly creates a moral issue for me. Endorsing criminal conduct by paying would be the wrong message to send,” the co-founder of Hacker House Mathew Hickey told Ars Technica.
“Equally, I think $21k is a small price to pay to avoid another WannaCry situation, and I am sure many of its victims would agree with that sentiment,” he added.
If you have something to add, drop your thoughts and feedback.