ShadowBrokers Now Selling Windows Exploits (Including a 0-day) for 750 Bitcoin

Exterminator

Oct 23, 2012
ShadowBrokers hackers, who got everyone’s attention last summer when they started an auction for attack tools allegedly used by the NSA, are now trying to sell an exploit kit that’s believed to also include a zero-day Windows vulnerability.

Currently on sale for 750 Bitcoin ($610,000), the exploit pack contains several utilities, many of which have already been updated several times, and this is a sign that they could include vulnerabilities that are yet to be patched, according to security experts.

Researcher Jacob Williams explains in a post that judging from the screenshots posted by the group online, there’s a good chance that the kit includes an exploit for a zero-day impacting the Windows Server Message Block protocol, which is a network technology that’s being used by Microsoft’s Windows operating system.

“Most interesting perhaps is the fact that the exploits contain a possible SMB zero day exploit. For the price requested, one would hope it is a zero day. The price is far too high for an exploit for a known vulnerability,” the researcher notes.

Possible ties with Russia

Specifics are not available at this point, and ShadowBrokers clearly tried to provide as few details as possible, and Williams explains that it’s hard to tell for the moment if the hackers are Russians or not, given the timing they picked for going online with this dump.

Of course, it’s also impossible to determine whether the release has anything to do with the hacking accusations launched by the United States against Russia, but given the previous connection of tools sold by ShadowBrokers with the NSA, it’s not difficult to understand why some people are indeed exploring such a possibility.

“Shadow Brokers must have known that people would make this analytic leap, so even if they scheduled this release some time ago, the decision to go ahead given the release of the report on Russian hacking was done with the understanding that connections would be made,” Williams writes.

In the end, there’s a big chance that the Windows exploit included in the pack is not a known issue, but customers are strongly recommended to keep their computers fully up-to-date with the latest patches.
 

Tony Cole

May 11, 2014
If the exploits are now known won't the software be useless? Wouldn't waste my money!

What we must remember is these tools save lives, from terrorism, child trafficking, child abuse and threats against national security.
 
