The hacker group known as the Shadow Brokers simply won’t go away, and recently, they’ve announced that they’ll launch their own subscription service. All those who pay would get the first look at the new exploits and info that the group has stolen from the NSA.
The group continues to mock the NSA, and this Tuesday, they’ve released even more details concerning this promised service. They’ve stated that the parts of data will be released every month and that the first cache of exploits is coming in June. Those who wish to be among the first ones should pay in cryptocurrency, and the price would be 100 Zcash. This is around $23,000, at the time of writing.
Several of the information security researchers are trying to collect the funds so that they themselves might pay for the first look, and inform those who might be affected as soon as possible. As soon as those whose vulnerabilities are being published become aware of them, they could work on fixing them, and protect their data.
The co-founder of the cybersecurity company called Hacker House, Matthew Hickey, asks is it better to have the tool that everyone has access to, or to let the criminals be the only ones who can use it? Hickey is one of those who is trying to collect the funds and pay for the Brokers’ “subscription”.
He’s decided to launch a Patreon campaign with another researcher that’s known as x0rz. For now, they have 11 supporters and have managed to raise around $1,200. They’ve also stated that the money they collect will be donated to a charity related to digital or human rights if the goal isn’t reached in time.
They say on their Patreon that this is a chance for those who don’t have large budgets to assist in getting the monthly subscription to these releases. If they are amongst the first ones to get the insight into the exploits, it could benefit many people.
Brokers have already released publically many different exploits in the last year. These include the exploits related to firewalls, Windows systems, Unix, and alike. Last time, they’ve specifically mentioned having exploits for Windows 10, multiple browsers, as well as routers. However, they didn’t prove their claims as of yet, and for now, all people can do is wonder if that’s the truth.
They did include some of the previously unknown exploits into the new pieces of malware, especially in the ransomware called WannaCry. In a matter of hours, this ransomware has spread all across the world and affected many different institutions. Attacks like this are exactly what researchers are trying to avoid by getting that subscription.
Basically, as soon as the exploits are known, the proper vendors could be notified, and the patches could be made and issued. This is also what the Patreon campaign says, and they claim that they’ll release any and all info that’s delivered to them.
This brings up the ethical questions, like whether or not should researchers pay for the exploits delivered by criminals, and alike. There’s also the question about whether this subscription offer is even real. Brokers have tried to sell the data on multiple occasions before, and in the end, they would just dump the data anyway. This made the impression that they aren’t really after money, but their real goals can’t be determined with certainty as of yet.