More bugs may be released: Hacking group

Staff monitoring the spread of ransomware cyber-attacks at the Korea Internet and Security Agency in Seoul. PHOTO: AFP

WASHINGTON • The hacking group that helped enable last week's global ransomware attack is threatening to make public even more computer vulnerabilities in the coming weeks - including "compromised network data" pertaining to the nuclear missile programmes of China, Iran, Russia and North Korea, as well as secret exploits affecting Windows 10, which is run by millions of computers around the world.

A spokesman for the group, which calls itself Shadow Brokers, claimed in a blog post on Tuesday that some of those computer bugs may be released on a monthly basis, as part of a new subscription-based business model that attempts to mimic what has proven successful for companies such as Spotify, Netflix, Blue Apron and many more.

"It's being like wine of month club," said the blog post, which is written in broken English. "Each month peoples can be paying membership fee, then getting members only data dump each month."

The move highlights the growing commercial sophistication of groups such as Shadow Brokers, which has already demonstrated a fearsome technical ability to compromise the world's top intelligence agencies.

And it underscores the way much of the underground trade for computer bugs resembles a real-world commercial market.

Shadow Brokers' new claim that it possesses information on the nuclear programmes of state governments is extremely worrisome, said Mr Joseph Lorenzo Hall, chief technologist for Washington think-tank Centre for Democracy and Technology.

He added that the tactic of distributing computer vulnerabilities for a monthly fee reflects a change in approach that could result in those bugs being spread far and wide.

Previously, the group had merely sought to sell its hacking tools to the highest bidder.

Few buyers came forward, the group said in its blog post.

But now, the monthly subscription model might mean the bugs will find their way into the hands of more people, said Mr Hall.


Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on May 18, 2017, with the headline More bugs may be released: Hacking group. Subscribe