The Shadow Brokers revealed pricing and other details about its monthly dump service, which kicks off in June. Subscribers of the dump of the month club will not be shelling out bitcoins, but a different cryptocurrency: 100 Zcash (ZEC). At the time of publishing, 100 Zcash was equal to $23,251.
Over the weekend, the Shadow Brokers moved bitcoins worth about $24,000 to over 30 smaller wallets. The bitcoins had been received back when the group was trying to auction off the hacking tools. Mikko Hypponen noticed the change after an alert he set on their bitcoin wallet went off.
Regarding the change to Zcash, which purportedly includes “privacy enhancements provided by zero-knowledge proofs,” the Shadow Brokers are trying it out for the first month. Hypponen noted that Zcash deposits cannot be monitored. The group also noted, “Theoretically only party seeing payment info is theshadowbrokers and theshadowbrokers only seeing amount and encrypted memo field, no sending address.”
The Shadow Brokers are not claiming Zcash is safe and reliable. Instead, the group said if you care about losing over $20,000 then the service is not for you.
Monthly dump is being for high rollers, hackers, security companies, OEMs, and governments. Playing “the game” is involving risks. Zcash is having connections to USG (DARPA, DOD, John Hopkins) and Israel.
Then the group laid out several more possible Zcash conspiracy theories before saying it might change to a different cryptocurrency in July if it doesn’t like Zcash.
In mid-May, the group claimed monthly dumps might include NSA-linked Equation Group exploits for Windows 10, routers, and web browsers, as well as compromised data from SWIFT providers and nuke and missile programs.
In the latest post, the Shadow Brokers claim to be undecided about what will be in the June dump, but suggested the question to be asking is: “Can my organization afford not to be first to get access to theshadowbrokers dumps?”
As for how to subscribe to the Shadow Brokers dump of the month for June, the group wrote:
#1 – Between 06/01/2017 and 06/30/2017 send 100 ZEC (Zcash) to this z_address:
#2 – Include a “delivery email address” in the “encrypted memo field” when sending Zcash payment
#3 – If #1 and #2 then a confirmation email will be sent to the “delivery email address” provided
#4 – Between 07/01/2017 and 07/17/2017 a “mass email” will be send to the “delivery email address” of all “confirmed subscribers” (#1, #2, #3)
#5 – The “mass email” will contain a link and a password for the June 2017 dump
A month ago, a monthly dump service provided by the Shadow Brokers might have been as unsuccessful as the group’s previous attempt to auction off NSA-linked hacking tools. But the WannaCry ransomware attack could have changed it all.
Kryptos Research suggested that the 200,000 affected systems figure is far too low; instead, the researchers argued, “The real number of affected systems, by assessing the sinkhole data, is in the millions, and we further estimate between 14 to 16 million infections and reinfections have been mitigated avoiding what would have been chaos, since May 12th.”
While the idea of crowdfunding the dump service is floating around, some cyber security firms are seriously considering subscribing to the service to analyze the data and get patches ready before the world is hammered with another attack similar to WannaCry. Matthew Hickey of Hacker House and F-Secure’s Hypponen told the BBC that both of their firms were considering paying for the Shadow Brokers’ dump service.
On the flip side, security researcher Kevin Beaumont tweeted, “If InfoSec vendors fund Shadow Brokers ($20k per monthly subscription) leaking Nation State tools I think it’s a new low for InfoSec.”