NSA leakers to offer monthly ‘wine’ club for stolen hacking tools – The Hill

The group that released the likely NSA-designed hacking tool used in the international "Wanna Cry" ransomware attack announced a monthly subscription service Tuesday for its remaining cache of stolen documents.

The anonymous ShadowBrokers, who have been periodically releasing source code and documents believed to have been stolen from the National Security Agency since the summer, announced the new monetizationscheme in a post early Tuesday morning. The message was written in broken English typical of the group.

"Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members," the Brokers wrote.

Ransomware is a type of malware that encrypts a target's files, with the attacker providing the decryption key only after a ransom is paid, usually in bitcoins.

ShadowBrokers first leaked files in August it claimed were from a vaunted NSA-affiliated hacking operation known as the Equation Group, advertising an auction for the files. The files contained previously unknown, working techniques to bypass security hardware from major manufacturers. The release lead to a scramble to patch those products.

The Intercept reported that evidence within the leaked source code showed that the Brokers were correct about the files' provenance.

Though the files appeared to be real, ShadowBrokers failed multiple times to sell the tools, in part because of the lopsided terms they required for potential buyers.

In January the group sent a goodbye post, but returned in April to release a package of Windows hacking tools that included the one used in Wanna Cry. The April release was presented as a protest against President Trump for becoming more centrist and turning his back on the hard-right base that got him elected. In it, the Brokers claimed to be Trump voters.

In their Tuesday post, the Brokers say data from that hacking operation and from other high-profile hacking operations might be included in the "wine of the month" club.

Tuesday's post, titled "OH LORDY! Comey Wanna Cry Edition," also takes shots at Windows network administrators that did not update their software in time to stave off Wanna Cry noting that the group announced early on in their campaign what files it had to release, giving people some notice to patch their systems.

"TheShadowBrokers is feeling like being very responsible party about Windows dump. Do thepeoples be preferring theshadowbrokers dump windows in January or August? No warning, no time to patch? this is being theshadowbrokers version of alternative facts," wrote the group.

Read this article:
NSA leakers to offer monthly 'wine' club for stolen hacking tools - The Hill