After infamy of EternalBlue exploit, Shadow Brokers are trying a new business model

[WMGroomAK]

So now that the Shadow Brokers have garnered a bit more infamy for being the source of the EternalBlue tool, they have decided to open up a new monthly subscription based service model to actual earn money.  

 

https://www.bleepingcomputer.com/news/security/new-shadow-brokers-message-teases-data-from-nuke-programs-windows-10-exploits/

Quote

Trying to capitalize on the success of the WannaCry ransomware, which used ETERNALBLUE for a self-spreading SMB worm, The Shadow Brokers are now announcing the "TheShadowBrokers Data Dump of the Month" service, a monthly subscription plan.

 

The group claims it will release new exploits through this new monthly membership program. According to the group, these are the types of exploits we can expect:

Quote

⎆ web browser exploits
⎆ router exploits
⎆ mobile handset exploits and tools
⎆ items from newer Ops Disks
⎆ exploits for Windows 10
⎆ compromised network data from more SWIFT providers and central banks
⎆ compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs

Based on previous announcements, there is no reason to doubt the group's claims, as they have always released the files they teased. Unlike before, this time, the group has not provided any teasers or demo files to sustain their claims.

I have to admit that this seems like a poor idea as it it only going to get the IT security world extremely upset with them when there are a lot of unpatched holes being published in the wild and more ransomware and other malware deployed based on whatever they may have to publish.  A better option would be if they actually notified the developers of whatever exploits they have of those exploits at least 3 months prior to publishing them on the subscription service so that there is time for a potential patch to be deployed.  Either way, if they go forward with this and actually do have the exploits they advertise, then it may be time to re-enable all of those stupid automatic updates...

[ARikozuM]

I would suggest having images of the OS ready before doing updates so that you can fall back on them if something goes wrong.

[Enderman]

Looks like it's time to unplug that ethernet cable.

[KenjiUmino]

2 minutes ago, WMGroomAK said:

I have to admit that this seems like a poor idea as it it only going to get the IT security world extremely upset with them when there are a lot of unpatched holes being published in the wild and more ransomware and other malware deployed based on whatever they may have to publish.  A better option would be if they actually notified the developers of whatever exploits they have of those exploits at least 3 months prior to publishing them on the subscription service so that there is time for a potential patch to be deployed.  Either way, if they go forward with this and actually do have the exploits they advertise, then it may be time to re-enable all of those stupid automatic updates...

then the developers better be among their customers and out-buy other craptards that would otherwise use the exploits found to do harm.

[kingkang]

I think this will be a good thing. Sure it's not ideal, since you have knows and vulnerable exploits on your devices, but it also pushes the developers to work harder on a solution.

[Bcat00]

Oh boy, i can already see these people sitting behind bars for a very long time. 

[Guest]

I am innocent, plz don't assume because the exploit has that word. 

[WMGroomAK]

16 minutes ago, KenjiUmino said:

then the developers better be among their customers and out-buy other craptards that would otherwise use the exploits found to do harm.

My understanding is that this 'subscription service' is like a newsletter so it would release to everyone at the same time...  Devs would just need to have their crews performing more emergency patches before malware exploits are released although I'm not sure if they can get a turn around out as fast as malware can be written...

[ChineseChef]

1 hour ago, WMGroomAK said:

-snip-

I have to admit that this seems like a poor idea as it it only going to get the IT security world extremely upset with them when there are a lot of unpatched holes being published in the wild and more ransomware and other malware deployed based on whatever they may have to publish.  A better option would be if they actually notified the developers of whatever exploits they have of those exploits at least 3 months prior to publishing them on the subscription service so that there is time for a potential patch to be deployed.  -snip-

Poor idea?  The whole idea of this subscription is to make money.  They don't care about security.  They care about money.  They just feel they need to claim they care about security, better PR.

[Masada02]

And guess who the first subscribers will be... security companies, government agencies, and tech companies interested in fixing the exploits. Seems like a win for all. 

[laminutederire]

Just now, Masada02 said:

And guess who the first subscribers will be... security companies, government agencies, and tech companies interested in fixing the exploits. Seems like a win for all. 

Except when nukes are involved.

I think they may be more dangerous than we thought. I'm thoroughly okay with malware etc, but I'm clearly not with making nukes available for anyone to grab. It's reeeeeeeaaaally dangerous and could bring the world in quite a chaos..

[ChineseChef]

1 minute ago, Masada02 said:

And guess who the first subscribers will be... security companies, government agencies, and tech companies interested in fixing the exploits. Seems like a win for all. 

That is assuming the exploits actually get fixed.  So many companies just ignore it, or fix it for the next version of the hardware.  Like android phones, or webcams and such.  They don't ever bother to patch anything, just sell the fix in the next model.

[Masada02]

Just now, laminutederire said:

Except when nukes are involved.

I think they may be more dangerous than we thought. I'm thoroughly okay with malware etc, but I'm clearly not with making nukes available for anyone to grab. It's reeeeeeeaaaally dangerous and could bring the world in quite a chaos..

It's not physical nukes though, just the potential for information relating to nukes. And even if you had the full plans to build one it'd be pretty hard to so since all of the source materials are super heavily regulated. Still though, I see your point.

 

2 minutes ago, ChineseChef said:

That is assuming the exploits actually get fixed.  So many companies just ignore it, or fix it for the next version of the hardware.  Like android phones, or webcams and such.  They don't ever bother to patch anything, just sell the fix in the next model.

Time to exercise your capitalism and stop giving companies like that your money then.

[ChineseChef]

3 minutes ago, Masada02 said:

It's not physical nukes though, just the potential for information relating to nukes. And even if you had the full plans to build one it'd be pretty hard to so since all of the source materials are super heavily regulated. Still though, I see your point.

 

Time to exercise your capitalism and stop giving companies like that your money then.

Yah, I already try to buy from good companies as much as possible.  The problem is the idiot masses that do 0 research before buying the cheapest option available.

[Masada02]

Just now, ChineseChef said:

Yah, I already try to buy from good companies as much as possible.  The problem is the idiot masses that do 0 research before buying the cheapest option available.

Very true, and the masses will be the first to suffer. The real problem is that it is nearly impossible to keep track of everything that can effect you negatively and it's really only a matter of time until something happens. It's just up to you to have a backup plan or to minimize your risks as much as possible, or both.

 

But hey, there's always been risks involved in living and life would be a lot less interesting if there wasn't.

[BuckGup]

They will make bank