Subscription Service for Hackers

By now you’ve probably heard of the mysterious hacker group called the Shadow Brokers. While they’re not the new kids on the block, their recent claim to fame was releasing zero day¬†exploits stolen from the NSA that led to the worldwide outbreak of the WannaCry ransomware.

They’ve decided to monetize their stolen electronic wares in a new way, which they’ve likened to a wine of the month club. In short, if you subscribe to their service you’ll get monthly data dumps, including exploits for mobile phones, operating system, routers, and web browsers as well as stolen data ranging from bank information to nuclear missile program network info.

It’s pretty wide-ranging and this group has shown they have the chops to pull something like this off.

Here’s a copy of their announcement, originally published here. (In case you’re wondering about the poor English, it’s a trick to make them harder to pinpoint.)

Q. What is being difference between ransom and sale?

A. Sale is buy or no buy, no bad things happen if no buy. Ransom is buy or bad things happen to you. Yes?

TheShadowBrokers is feeling like being very responsible party about Windows dump. Do thepeoples be preferring theshadowbrokers dump windows in January or August? No warning, no time to patch? this is being theshadowbrokers version of alternative facts.

In August theshadowbrokers is telling thepeoples theequationgroup fails at security, theequationgroup is losing their data. Is telling thepeoples, theshadowbrokers is having equation group data, hacker tools for auctioning. Auctioning is sale, bid or no bid. Auction is not ransom. TheShadowBrokers is releasing theequationgroup 2013 firewall tools as proof and advertising. Only Zero-Day is old Cisco. All thepeoples laughing or not paying attention. No peoples is believing theshadowbrokers.

ThePeoples is asking “why not do X or Y or Z?” “Why auction?” TheShadowBrokers is not being interested in bug bounties, selling to cyber thugs, or giving to greedy corporate empires. TheShadowBrokers is taking pride in picking adversary equal to or better than selves, a worthy opponent. Is always being about theshadowbrokers vs theequationgroup.

But theequationgroup didn’t bid in auction. The Five Eyes, Russia, China, Iran, Korea, Japan, Israel, Saudi, the UN, NATO, no government or countries didn’t bid in auction. Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn’t bid in auction.

In December theshadowbrokers canceling auction, offering direct sales, advertising list of warez with reasonable on website. No new Zero-Days.

But theequationgroup didn’t buy back lost warez. The Five Eyes, Russia, China, Iran, Korea, Japan, Israel, Saudi, the UN, NATO, no government or countries didn’t buy lost warez. Cisco, Juniper, Intel, Microsoft, Symantec, Google, Apple, FireEye, any other bullshit security companies didn’t buy lost warez. TheShadowBrokers was very very sad! Story is now sounding like silly children’s’ book. TheShadowBrokers is writing to audience reading level, thepeoples is having average reading level of 8th grade.

TheShadowBrokers is asking selves, selves why is no peoples making offer on theshadowbrokers equation group warez? Are thepeoples not understanding? No, theshadowbrokers canceling complex auction? Is thepeoples not wanting warez? No, much great interest in free warez. Is thepeoples not really caring about security and public safety? No, governments and corporations caring about thepeoples, yes? Do thepeoples thinking theshadowbrokers are scammers? Maybe, no peoples is buying because thinking theshadowbrokers are scammers and not having anymore theequationgroup data.

In January theshadowbrokers is deciding to show screenshots of lost theequationgroup 2013 Windows Ops Disk. TheShadowBrokers is knowing if showing screenshots, then vulnerabilities is being reported by theequationgroup to Microsoft and is being patched. TheShadowBrokers is goes dark and is watching. No new Zero-Days.

In February Microsoft is missing patch Tuesday. TheShadowBrokers is knowing, Microsoft is missing to be making patches for Eternal exploits. No new Zero-Days.

In March Microsoft is releasing patch for SMB vulnerabilities. TheShadowBrokers is knowing this is being for Eternal exploits. TheShadowBrokers is still waiting and not releasing. No new Zero-Days. Oracle is patching huge numbers of vulnerabilities but TheShadowBrokers is not caring enough to be look up exact dates.

In April, 90 days from theequationgroup show and tell, 30 days from Microsoft patch, theshadowbrokers dumps old Linux (auction file) and windows ops disks. Because why not? TheShadowBrokers is having many more where coming from? “75% of U.S. cyber arsenal” TheShadowBrokers dumped 2013 OddJob from ROCTOOLS and 2013 JEEPFLEAMARKET from /TARGETS. This is theshadowbrokers way of telling theequationgroup “all your bases are belong to us”. TheShadowBrokers is not being interested in stealing grandmothers’ retirement money. This is always being about theshadowbrokers vs theequationgroup.

Eternal exploits is not being ZeroDays. Is being gay to be using this term, but if being gay then correct terminology is being ThirtyDays because Microsoft patch was being available for 30 days before theshadowbrokers is releasing dump to public. Despite what scumbag Microsoft Lawyer is wanting the peoples to be believing Microsoft is being BFF with theequationgroup. Microsoft and theequationgroup is having very very large enterprise contracts millions or billions of USD each year. TheEquationGroup is having spies inside Microsoft and other U.S. technology companies. Unwitting HUMINT. TheEquationGroup is having former employees working in high up security jobs at U.S. Technology companies. Witting HUMINT. Russian, China, Iran, Israel intelligence all doing same at global tech companies. TheShadowBrokers is thinking Google Project Zero is having some former TheEquationGroup member. Project Zero recently releasing “Wormable Zero-Day” Microsoft patching in record time, knowing it was coming? coincidence?

If theshadowbrokers is telling thepeoples theequationgroup is paying U.S technology companies NOT TO PATCH vulnerabilities until public discovery, is this being Fake News or Conspiracy Theory? Why Microsoft patching SMB vulnerabilities in secret? Microsoft is being embarrassed because theequationgroup is lying to Microsoft. TheEquationGroup is not telling Microsoft about SMB vulnerabilities, so Microsoft not preparing with quick fix patch. More important theequationgroup not paying Microsoft for holding vulnerability. Microsoft is thinking it knowing all the vulnerabilities TtheEquationGroup is using and paying for holding patch. Douche bag, dumbass, libtard, rich prick Head Microsoft Lawyer is running his cock holster because he is having ruff weekend doing real work. Head Microsoft Lawyer being angry because he is missing leisurely weekend playing the skin flute behind the country club. Real work is not being for executives. Real work is being for dirty foreign H1B workforce, happily working for less than stupid lazy American workers.

In May, No dumps, theshadowbrokers is eating popcorn and watching “Your Fired” and WannaCry. Is being very strange behavior for crimeware? Killswitch? Crimeware is caring about target country? The oracle is telling theshadowbrokers North Korea is being responsible for the global cyber attack Wanna Cry. Nukes and cyber attacks, America has to go to war, no other choices! (Sarcasm) No new ZeroDays.

In June, TheShadowBrokers is announcing “TheShadowBrokers Data Dump of the Month” service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.

TheShadowBrokers Monthly Data Dump could be being:

  • web browser, router, handset exploits and tools
  • select items from newer Ops Disks, including newer exploits for Windows 10
  • compromised network data from more SWIFT providers and Central banks
  • compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs

More details in June.

OR IF RESPONSIBLE PARTY IS BUYING ALL LOST DATA BEFORE IT IS BEING SOLD TO THEPEOPLES THEN THESHADOWBROKERS WILL HAVE NO MORE FINANCIAL INCENTIVES TO BE TAKING CONTINUED RISKS OF OPERATIONS AND WILL GO DARK PERMANENTLY YOU HAVING OUR PUBLIC BITCOIN ADDRESS

-TSB