A hacker group responsible for leaking cyber weapons stolen from the National Security Agency and enabling the recent, wide-scale WannaCry ransomware attack detailed its plans Tuesday to unload its next batch of exploits through a monthly subscription service.
The Shadow Brokers published a cryptographically-signed post Tuesday morning suggesting it’ll sell purportedly stolen NSA exploits to anyone willing to pay about $21,000 in zCash, a hard-to-trace cryptocurrency similar to Bitcoin, following-up on its recent promise of launching a “monthly subscription model” to unload offensive cyber tools.
Individuals who send about $21,000 to a specific zCash wallet during the month of June will receive a “mass email” between July 1 and July 17 containing a link and password needed to access the Shadow Broker’s next dump, according to the post.
“If you caring about loosing $20k+ then not being for you,” the post said in broken English. “Monthly dump is being for high rollers, hackers, security companies, OEMs and governments. Playing ‘the game’ is involving risks.”
Nearly 10 months after first emerging online, the Shadow Broker’s promise of a subscription service for digital exploits quickly raised eyebrows Tuesday given the unprecedented impact of one of its more recent disclosures. In April the Shadow Brokers published the source code for NSA cyber weapons that were subsequently harnessed the following month by whoever unleashed WannaCry — a ravaging ransomware worm that wiggled its way through computer systems in over 150 countries — crippling networks used by Russia’s central bank and Britain’s National Health Service (NHS), among others.
Indeed, the Shadow Broker’s latest post has since left security researchers wrestling with the quandary of whether to subscribe to the service in lieu of letting the next exploit end up exclusively in the hands of ne’er do wells.
“What’s better: the tool everyone, including the good guys and bad guys, know about, or the one which only your adversaries have?” Matthew Hickey, co-founder of U.K. cybersecurity company Hacker House, told Motherboard on Tuesday.
“It certainly creates a moral issue for me,” he added to Ars Technica. “Endorsing criminal conduct by paying would be the wrong message to send. Equally, I think $21k is a small price to pay to avoid another WannaCry situation, and I am sure many of its victims would agree with that sentiment.”
Mr. Hickey and a handful of colleagues have since launched a crowd-funding effort to raise the funds needed to pay next month’s subscription fee, the likes of which raised roughly a tenth of its $25,000 goal in its first day online.
The Shadow Brokers first surfaced last August and initially offered to auction off a trove of cyber weapons purportedly taken from the Equation Group, a name given by security researchers to an elite hacking group within the NSA, but has freely distributed stolen exploits in the months since.
The NSA could not be reached for comment Tuesday, Reuters reported, and has previously declined to discuss the Shadow Group’s activities or the origins of its offerings.