The announcement, posted on the cryptocurrency-based blogging website Steemit, announced a subscription to their ‘monthly dump’ service, where paying users will be leaked tools to enable exploits and attacks online. The service costs 100 ZEC (Zcash cryptocurrency), roughly equivalent to $21,000 per month. Interest parties are instructed to send 100 ZEC to a z_address, along with whichever email address they would like the tool(s) to be delivered to.
The service is a ‘magic hat’ or ‘joker box’, so subscribers won’t know what they’ll actually receive in the exploit subscription beforehand. The Shadow Brokers declare that their releases will be:
“Something of value to someone. See theshadowbrokers’ previous posts. The time for ‘I’ll show you mine if you show me yours first’ is being over.” [sic]
However, the group aren’t concerned by the possibility customers finding the cost too high. They say to those worried about losing their Zcash:
“If you caring about loosing $20k+ Euro then not being for you. Monthly dump is being for high rollers, hackers, security companies, OEMs, and governments. Playing ‘the game’ is involving risks.” [sic]
They do concede that if Zcash proves a ‘not good’, they are open to trialling new methods of payments in the coming months.
The Shadow Brokers rose to great prominence earlier this month after releasing EternalBlue and DoublePulsar, exploits which facilitated the spread of the WannaCryptor ransomware attack earlier this month.
Posting on Steemit just after the WannaCry outbreak, The Shadow Brokers justified their release of the tools and criticised governments (Russia, China, Israel and Saudi Arabia to name only a few), multinational alliances (NATO and the UN) and corporations (Google, Apple and Intel) for not bidding for the tools months ago.
The group claim that this was a show of force:
“This is theshadowbrokers way of telling theequationgroup ‘all your bases are belong to us’,”
The Equation Group being a threat actor suspected of operating with the NSA. They also refer to the upcoming service as a ‘wine of the month’ club:
“Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.” [sic]
There have been murmurs of individuals or even security organisations crowdfunding to get access to the exploit subscription service, which could open all of the released data up to research or , potentially, open the exploits up to a larger audience and even darker possibilities for Internet security in the future.