Short Bytes: Shadow Brokers were the first to reveal the vulnerabilities that led to the release of the WannaCry virus and it looks like they are back with a bang. They are launching a subscription-based model where people will be sold zero-day exploits and hacking tools, at least to those who have opted to become their “loyal customer.” In a way, this can be marked as good news and terrible news at the same time.Things might take a turn for the worst because the collective hacking group known as The Shadow Brokers has revealed that they will be releasing more zero-day bugs and exploits.
To bring you up to speed, this hacking group was the first to publicly reveal information of the WannaCry ransomware malware, but it looks like they have another agenda in mind as far as releasing 0-day bugs and exploits go.
The group has published a statement, albeit in broken English, saying that it has promised to release additional zero-day bugs and exploits for a multitude of desktop and mobile operating systems starting from June 2017. These leaks are not going to be for everybody and the collective hacking group intends to milk money from paid subscribers as it states the following:
“TheShadowBrokers is launching new monthly subscription model. Is being like [the] wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month.”
An advantage that this leak could serve is that all the remaining unpatched vulnerabilities will become patched after they are disclosed.
On the other hand, instead of telling them to Microsoft to patch up those vulnerabilities, it could bring forth a tumultuous situation as far as online security is concerned. Keep in mind that the paid subscribers could range from anywhere between journalists and ethical hackers to criminals, state-affiliate security organizations and the malevolent ones who tend to exploit the globe with these valuable assets.
Anyone who becomes a paid member will get access to the following perks:
- Exploits for web browsers, routers, and mobile devices.
- Exploits for operating systems, including Windows 10.
- Compromised data from banks.
- Stolen network information from Russian, Chinese, Iranian, and North Korean nuclear missile programs.
Hopefully, a Good Samaritan who becomes a customer will present the information to Microsoft and other tech companies so they can start developing patches for these bugs.
If you have something to add, drop your thoughts and feedback.