News Stay informed about the latest enterprise technology news and product updates.

The Shadow Brokers cancel the auction of NSA cyberweapons

The first auction of NSA cyberweapons didn't generate much money for the Shadow Brokers, so the group is changing tactics with a direct sale of the files.

The auction of NSA cyberweapons didn't go as planned, but the Shadow Brokers are still hoping for a big payday...

by ditching the auction format in favor of a more direct crowdfunding scheme.

The Shadow Brokers have a cache of cyberweapons and exploits from the advanced persistent threat group known as the Equation Group, which was said to be tied to the National Security Agency (NSA). Per the rules of the original auction, the highest bidder would receive the files, and the Shadow Brokers promised to release more files if the total bidding reached 1 million bitcoin. However, the auction went badly, with bids totaling just 1.76 bitcoin and a high bid of 0.08 bitcoin.

"We prefer [to] sell in bulk to [a] more responsible party. One more likely to disclose than hurt peoples [sic]," the Shadow Brokers wrote before ending the auction. "Maybe a government, security company, [or] wealth[y] individual [will] step up, do [the right] thing, get seen doing it. If not, we assume no one [is] interested and we start selling on the underground. Lots of transparency and disclosure there. This [is] how much they care about people's personal data, financial info and security, 1.5 [bitcoin]."

With the new conditions of sale, the Shadow Brokers have a much more modest goal of 10,000 bitcoin. And if that goal is met, they will publicly post the password to the dump of NSA cyberweapons. The Equation Group files have been verified with a limited release of the data, and the Shadow Brokers claimed to have more unreleased files; the Shadow Brokers group has claimed it released only 60% of its alleged cache of cyberweapons.

"You seeing 'Firewalls' toolkit, includes remote exploits, privilege escalations, persistence mechanisms, [remote-access Trojans], LPs [listening posts] and post-exploit collection utilities. Complete package for [someone] to run own operations. The Shadow Brokers is having more Equation Group toolkits for other platforms, [such as] Windows, Unix/Linux, routers, databases, mobile, [and] telecom. Newer revisions, too," the Shadow Brokers wrote. "The auction file is [a] toolkit for one of [the] other platforms. [It] includes remote exploits, local exploits/privilege escalations, persistence mechanisms, RATs, LPs, [and] post-exploit collection utilities. Value estimated in millions of euros/dollars."

The Shadow Brokers initially released 300 Mb of files, which experts said were genuine and included exploits for Cisco and Juniper product vulnerabilities.

Next Steps

Learn more about the leaked Cisco vulnerability found in the Shadow Brokers dump.

Find out what the NSA cyberweapons release means for advanced attack defense.

Get info on the questions surrounding the Shadow Brokers cyberweapons dump.

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What do you think of the sale of NSA cyber weapons by the Shadow Brokers?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close