WASHINGTON – The mysterious “Shadow Brokers” group, which leaked the stolen hacking tool used in last week’s global cyberattacks, is threatening to release more such tools next month.
In a taunting online message in broken English late Tuesday, the group said it will take payments beginning in June for monthly releases of computer hacks and vulnerability exploits like the one behind the global hacking wave.
It also threatened to release compromised data from the international banking network and secret information on the nuclear and missile programs of Russia, China, Iran or North Korea.
“Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members,” the group wrote on the Steemit social blogging platform.
Shadow Brokers first surfaced last year offering for sale a suite of hacking tools stolen from the U.S. National Security Agency, leaking bits to demonstrate what they had in their possession.
Who is behind the group is unknown, though they are believed to be based in Russia or Eastern Europe. But analysts believe the files are genuine and came from the NSA’s hyper-secret hacking unit dubbed the “Equation Group.”
Shadow Brokers’s trove included the NSA’s exploit tool for a Microsoft Windows vulnerability that was used in Friday’s “WannaCry” ransomware attack, which infected hundreds of thousands of computers in scores of countries.
Shadow Brokers is not believed to be the source of the ransomware attack itself, which some analysts say could be linked to North Korea.
In the new online message, Shadow Brokers accused the Equation Group of not warning software makers like Microsoft of vulnerabilities that leave their products open to hacking and malware.
It said future releases could be prevented if the NSA or another “responsible party” bought back the stolen data.
“TheShadow Brokers is not being interested in stealing grandmothers’ retirement money. This is always being about theshadowbrokers versus theequationgroup,” they said.