The cybercriminal gang behind the WannaCry ransomware – Shadow Brokers – posed in a blog post that every month they will be releasing more and more of the data they stole. The hackers say that anyone who is willing to pay a subscription fee would have access to the sensitive information.
The group claims that they have been able to collect “compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs”, banking information and Windows 10 exploits. However, for now, there is no actual proof that this is true.
Shadow Brokers announced on their blog that they will be releasing more of the stolen data monthly, comparing this “data dump service” to “wine of the month club” for hackers. The gang says that potential buyers would have to pay the subscription fee the data is locked behind but, other than that, practically everyone could buy it and used it for whatever purposes, terrorist organizations included. Obviously, the group could not care less about the harm this “data dumping service” could cause.
Apparently, Shadow Brokers have already tried to sell information to several multinational companies, countries, and international organizations, including the North Atlantic Treaty Organization, the UN, Microsoft, Apple, and Google, but none of them was interested in that kind of purchase.
What is more interesting is the fact that one of the countries the group tried to sell data to is Korea, which puts the theory of North Korea being behind the WannaCry attacks under serious doubt. Yet, we could not and should not believe anything the group says only because they posted it on a blog.
Even though the crooks behind the real WannaCry infection are still unknown, one thing is certain and this is the fact that Shadow Brokers stole the malware from the NSA.
Microsoft did provide a patch for the vulnerability but a lot of machines were still exposed as they had not installed the updates. This especially applies to hospitals that mostly used older computers running OSs that that out of date.
The leaked WannaCry software also cause some tension between the U.S. government and Microsoft, whit Redmond-based company criticizing the NSA for holding on to exploits.
“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.” – said Microsoft’s Brad Smith – “An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.”