Two security researchers, supported by a number of others, have launched a fund-raiser aimed at collecting enough money to buy the next set of NSA security exploits offered by the Shadow Brokers group.
The two are Matthew Hickey (@HackerFantastic) and @X0rz, both of whom are well known.
The Shadow Brokers, a group that is claimed to have Russian links, said on Tuesday that it would be releasing exploits through subscriptions this month, and asked for 100 Zcash (about $30,000 at Wednesday's exchange rates) for what it planned to release.
The group released a number of NSA exploits in April, after having failed to attract a buyer; one of the exploits was used to craft the WannaCry ransomware, giving the group a great amount of publicity.
{loadposition sam08}Its claims about the exploits being from the NSA were verified when reports of the spy agency informing Microsoft about the leak and asking the software company to issue patches appeared in the media.
The two researchers said in their campaign, launched on Patreon, that "by paying the Shadow Brokers the cash they asked for we hope to pool resources and avert any future WannaCry type incidents".
They appealed to the NSA to make known any possible damage that could result from further exploits which were known to be missing. It has been reported that the exploits which the Shadow Brokers dumped in April were all from former NSA contractor Harold Martin.
"If the NSA are willing to inform us about what it is they have lost, the capabilities and vulnerabilities it has exploits for — so that we can make informed decisions to defend our networks — then we will withdraw from this option," they wrote.
"We need accurate guidance to be able to defend our networks and so far that guidance is not forthcoming from anywhere else."
Last month, the Shadow Brokers said the exploits released in June would include:
- Web browser, router, handset exploits and tools;
- Select items from newer Ops Disks, including newer exploits for Windows 10;
- Compromised network data from more SWIFT providers and Central banks; and
- Compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programmes.
At that time, the group hinted that if "the responsible party" — meaning the NSA — bought all the exploits it had, then it would ""go dark permanently" or disappear.
The two researchers said they were attempting to buy the exploits in order to "release any and all information obtained from this once we have assessed and notified vendors of any potential 0-days".
"We are not in the business of making infrastructure more insecure and should we obtain any data from this we will ensure it is handled with due diligence and responsibility," they wrote.
They said if they failed to obtain the necessary funds, any money raised would be donated to a charitable cause and cited the EDRI and the EFF as two likely recipients.