Shadow Brokers lay out pitch – and name price – for monthly zero-day subscription service

$21k lucky dip for exploits

hacker

Shadow Brokers, the group that leaked stolen NSA hacking tools including the vulnerability that proved key to the WannaCrypt outbreak, has launched a new exploit subscription service.

Subscriptions for the zero-day feed will cost 100 ZEC (Zcash cryptocurrency) or $21,000 per month. The group emptied its Bitcoin wallet on Monday before switching over to the alternative digital currency, at least for now. The hacking crew said it might well use something different next month.

Subscribers to the service, due to start next month, will have little idea what they will be getting for their money, as the Shadow Brokers candidly admit. The group's pitch is that customers worried about value are not the target market.

Monthly dump is being for high rollers, hackers, security companies, OEMs, and governments. Playing "the game" is involving risks.

The group goes on to claim that it hasn't even decided what will feature in the first subscription service dump itself. "TheShadowBrokers is not deciding yet. Something of value to someone," it said.

There's some talk of crowdfunding access to the dump, which would obviously undermine the service's exclusivity. Security companies, a potential target audience that could use the dump to add detections for future exploits, have been urged by some not to get involved.

"If InfoSec vendors fund Shadow Brokers ($20k per monthly subscription) leaking Nation State tools I think it's a new low for InfoSec," said security researcher Kevin Beaumont. ®

Sponsored: The Joy and Pain of Buying IT - Have Your Say


Biting the hand that feeds IT © 1998–2017