Skip to main content

Group that leaked exploit behind 'WannaCry' attack promises more to come

Shadow Brokers, the group that leaked the alleged NSA-developed exploit that was leveraged in the recent massive "WannaCry" ransomware attack, says it is gearing up to release more exploits in the coming months. But any upcoming releases will take a much different form than Shadow Brokers' previous leaks. The hacker group has published a new statement (via The Hacker News) in which it says it will launch a monthly subscription, which the group likens to a "wine of the month club" — only for exploits.

Shadow Brokers claims it will be buying access to a monthly data dump that could include:

  • web browser, router, handset exploits and tools
  • select items from newer Ops Disks, including newer exploits for Windows 10
  • compromised network data from more SWIFT providers and Central banks
  • compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs

If true, that's potentially bad news for a number of reasons, not the least of which is the breadth of a potential attack using any exploits that may be released. As we saw with the "WannaCry" ransomware, even an exploit that has already been patched can have a massive impact due to the lag in security updates around the globe.

Though it only affected older versions of Windows without the most recent security updates, WannaCry affected hundreds of thousands of computers worldwide. The consequences of a previously undiscovered exploit getting into the wild could be devastating in the right hands, particularly if Shadow Brokers' claims of exploits for Windows 10 prove true.

'WannaCry' ransomware: Everything you need to know

Further in its statement, Shadow Brokers makes the accusation that U.S. tech firms, including Microsoft, are being paid not to patch vulnerabilities until they are discovered publicly. That runs directly counter to a rather sharp statement released by Microsoft President and Chief Legal Officer Brad Smith, following WannaCry, in which Smith calls for an end to governments stockpiling software vulnerabilities.

Dan Thorp-Lancaster is the Editor in Chief for Windows Central. He began working with Windows Central as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl. Got a hot tip? Send it to daniel.thorp-lancaster@futurenet.com.

39 Comments
  • This wouldn't happen if everyone was using Windows 10S (S for Security!)
  • You still can get virus if uses xhamster on Edge, best best system protector is yourself
  • Not really, the flash player is sandboxed and the program cannot run in background in 10S.
  • Flash player is also disabled by default with the latest update.
  • This is wholly untrue.
  • If you are stuck with just the Windows store then a Chromebook or iPad Pro would be more secure and just as effective. Without being able to access outside sources, why use Windows at all?
  • That depends on how you define 'effective'. In terms of number of apps, sure iOS and Chrome OS are ahead, but for productivity the iPad Pro, for example, doesn't support a mouse and is limited to side by side multitasking. Windows 10 S machines also offer some serious hardware grunt for apps like Photoshop Elements and likely support for Windows Mixed Reality. I also haven't seen any indication that Chrome OS and iOS are *more* secure than the UWP platform.
  • Does Photoshop elements require much power? I am sure there are plenty of similar apps available on iPad that perform just fine. I have seen plenty of indications that Chrome OS and iOS are more secure than Windows. You are assuming that attacks could only come through UWP. I am sure there are other methods of attacking Windows and people are actually targeting Windows. There is defintely more threats to Windows, with or without Win32.
  • Well I believe PE can do RAW processing so I'm sure more RAM & CPU speed could improve performance. It was maybe a poor choice though, I picked it only because it's widely known. But there are other things like video editing (especially hardware h264 encoding) and 3D modelling (which is built into the new Paint) that would definitely benefit from the extra RAM, CPU & GPU specs in something like the Surface Laptop vs an iPad Pro. I don't believe that Chrome OS & iOS comparisons to Win32 Windows are relevant with Windows 10 S. The UWP platform was a complete rewrite of Windows that started with WinRT and was released in its purest form on the Surface RT devices. That would be a better comparison. Windows 10 S then adds _some_ Win32 APIs on top of that but apps running on them are sandboxed. My understanding is that although Win32 apps can be delivered through the store, the repackaging process may not be simple depending what APIs they use and they will all be scrutinised when they are submitted. I think Windows 10 S is a different enough platform that we can't draw any definite conclusions or comparisons on the security at this stage.
  • There is no such. Hackers target where the numbers are. Why waste time targeting chrome os. However take a look at android, that's where the numbers are and a lot of viruses are known to target the platform. As yourself this, if chrome os received this attention from hackers as on windows, do you think the OS would crack?
  • quote "Shadow Brokers makes the accusation that U.S. tech firms, including Microsoft, are being paid not to patch vulnerabilities " and they say Microsoft is not like Google... wake up people, they are the same
  • Fear, uncertainty, and doubt. There is no proof that Microsoft has willingly or knowingly left vulnerabilities in Windows. In fact, Microsoft is by far the most security conscious developer and patches Windows vulnerabilities much more regularly than any other Operating System.
  • So you trust shadow brokers? Good Going
  • Just like the Xbox One S, can we please agree it means "Slim"?
  • " This wouldn't happen if everyone was using Windows 10S (S for Security!) " Windows 10S isn't available to consumers yet, is it?
  • I actually had a dream last night that my surface book got this ransomware
  • Scaryware in your Dreamware :P
  • My dreamware was hacked by Russia 😩
  • No, it was the Inception team!
  • And i don't have a fidget to spin to see if I'm in reality...
  • Someone actually disliked your dream. Hahaha
  • Damn so much drama. I love it.
  • It is Google behind all of this. They benefit the most from an insecure perception of Windows.
  • Lol!
  • It's North Korea. At least that's what the deep state is telling us today.
  • They have enough problems with their own ****** software, no one will ever be as bad security-wise as them
  • Time to go offline.
  • >whispers< You're still online, aren't you?
  • Typewriter, pad, pen/pencil, and you're good to go.
    So the world slows down a little.
  • Well some entities definitely take advantages of this exploit like us and Israeli military....
  • See, spreading their threats is working for them, helping them on their cause. I'd refrain from posting these articles.   
  • Spreading knowledge that these types of threats exist and are increasing is important information for consumers. Normally passive computer users should be more active in trying to make sure their systems are up to date, protected, etc.
  • Ok, so this is basically a ******* match that the Shadow Brokers started with the equation group... That's all fine and dandy... But why in the name of **** do we, the bystanders have to deal with the collaterals of their crap?
  • Popping popcorn now.
  • on the face of it, this does looks scary. But I really think this is just a bluff to remain relevant. As with all other viruses that caused a global stir at the tie of their release, the people forget very easily people behind those attacks once the cause and remedy become common. In this case, the remedy already existed and patched up. It only harmed thsoe who did not take precautions to update their security systems. Now when many may have updated their security systems, even if the groupd does release something new, chances of it being anywhere near this 'succesful' are really remote
  • Surely if they launched a monthly sub service for such things the law agencies and governments would be able to track them and shut them down? I can't imagine or at least I hope they wouldn't just sit by and let this happen.
  • The **** with that promises. I need no wanna cry.
  • Well, Microsoft better patch soon for this upcoming Ransom ware.... If you are fully up to date and Windowws 10 gets it, it mignht be time for a class actcion lawrsuit...  Why  ? If it hits Windows 10, they released a insecure OS.
  • Chicken crap bastards