The effects of the Wannacry ransomware echoed through the entire world. The proliferation of the malware was made possible by the use of a National Security Agency (NSA) exploit leaked by the infamous hacker group The Shadow Brokers. Now the same group has started offering a 0-day exploit subscription service. To sign up, users are required to pay a hefty sum in cryptocurrency to a Z_address.
After the initial dump of NSA exploits, The Shadow Brokers said that in the future they would release more exploits. According to a recent statement by them, they will be offering the exploits via a subscription service with a price tag of 100 ZEC (Zcash). Zcash is a type of cryptocurrency that claims to be more secure than Bitcoin. Currently, 1 ZEC is valued at $236.23 which would bring the payment amount to about $23,623. ZEC’s value is bound to change given that cryptocurrency markets are highly volatile. After acquiring the required ZEC coins, the would-be subscriber just needs to send the amount to a z_address between 06/01/2017 and 06/30/2017. Then the users who submitted the payment will receive an email between 07/01/2017 and 07/17/2017 with a link, and a password for the July exploit leak.
According to the hacking group, these exploits are not meant for your average Joe trying to cause some mayhem or to make a quick buck. These exploits are intended for companies, governments, security firms, and hackers. They can give a significant edge to state-sponsored espionage and the acquisition of other companies trade secrets. These could cause national security issues in governments and millions of dollars lost in R&D for companies.
Perhaps The Shadow Brokers intended to offer the leak as a service from the beginning. Or maybe they were just doing it for the “lols” and in a moment of serendipity realized that they could make some serious money out of this. Nonetheless, whatever their initial intentions were is irrelevant. A release of these exploits can have serious repercussions for many institutions around the world. We all saw how Wannacry disrupted the UK’s National Health Service’s (NHS) operations resulting in the transfer and rerouting of patients to unaffected hospitals. One can only hope that the InfoSec community gets their hands on these exploit to patch and prepare countermeasures. Now, it’s a race to see who gets the exploit first and how fast they implement them.