The hacker group that is believed to have leaked National Security Agency spying software last month, which in turn led to Friday’s global ransomware hacking effort, offered to sell code that could be used to hack into phones, computers and software around the world, Reuters reported.
On top of the proposed sales, the Shadow Brokers stated they would conduct a monthly data “dump” beginning in June, dangling the idea that they are in possession of Russian, Chinese, North Korean and Iranian nuclear and missile programs data.
“Q. What is being difference between ransom and sale?” the post began, as the group made it clear it was starting an auction for the data and not seeking ransom.
“A. Sale is buy or no buy, no bad things happen if no buy. Ransom is buy or bad things happen to you. Yes?”
The post, apparently written in broken English intentionally, then delves into claims that the group possesses “zero-days,” or vulnerabilities, in Microsoft’s new operating system Windows 10, and how it could also release data from banks and other financial institutions that use SWIFT, the Society for Worldwide Interbank Financial Telecommunication. The global service allows for private messaging between finance companies and banks.
A Microsoft spokesperson told Reuters the company was “preparing a response” to the threatening blog post.
Shadow Brokers first entered the national and world spotlight in August after they tried to auction off other cyber tools they said had originated from the NSA.
While cyberwarfare has been called the next battleground for nations, the idea that a non-state actor could release information as sensitive as nuclear programs from countries like Russia, China or even North Korea could be far more dangerous than the ransomware hack last week. The North’s repeated testing of missiles and nuclear weapons have put the world on notice and generated significant tension between the U.S. and China, to say nothing of already-murky U.S.-Russia relations.
The hacking effort Friday reportedly affected as many as 300,000 machines in roughly 150 countries, a staggering total that included hospitals in Britain and major companies like FedEx, and experts have initially suspected that North Korea conducted it.
While there has been no consensus on the hack, the North is viewed as a likely suspect because the code used had some similar elements to previous hacks conducted by Kim Jong Un’s regime.