Crowdfunding initiative aims to buy Shadow Brokers leak before threat actors

Pierluigi Paganini June 02, 2017

Crowdfunding initiative aims to buy Shadow Brokers leak before threat actors will start using the hacking tools and exploits in the wild.

The Shadow Brokers hacker group is going to launch a monthly subscription model for its data dumps, 0-Day Exploit Subscriptions goes for (100 Zcash), approximately $24,450 per month.

The hacking tools and exploits that will be released by Shadow brokers in June to subscribers could have a catastrophic impact on every device and computer exposed on the Internet.

The analysis of such tools before they go in the wild is crucial, for this reason, experts launched a crowdfunding campaign to purchase the next batch of Shadow Brokers leaks.

The initiative was launched by the researcher Matthew Hickey of My Hacker House and a researcher who goes by the moniker x0rz. The goal is to raise $25,000 to buy the exploits, analyze them and allow affected vendors to patch the vulnerabilities in their products.

“If you ever want to hear a lawyer shout expletives at volume down a phone, you need to call him and tell him that you have created the first open source crowd-funded cyber arms acquisition attempt,” Hickey said in a statement via his Twitter account.

“It transpires that should funds change hands from ours to the Shadow Brokers, we would be certainly risking some form of legal complications,” Hickey said. “It was just too risky and the advice was under no circumstances to proceed further with this.”

 Shadow Brokers

The initiative raised the debate on the ethics of buying hacking tools and exploits from groups like ShadowBrokers. Some experts believe that isn’t a good idea to deal with criminals even if the initiative aims to protect online users.

Below the Tweet published by x0rz, due to legal reasons, he is retracting from crowdfunding to acquire the Shadow Brokers dump.

Hickey told ThreatPost “there were a number of considerations around the crowdfunding effort, such as keeping it open and allowing the ShadowBrokers to claim it on the condition they privately disclosed, that the data could be validated prior to payment and that the group would work with researchers on getting vulnerabilities patched and/or mitigated.”

“There is just no way around the complication of paying them and putting our own freedoms at risk, we have to respect that opinions are equally divided on this topic,” Hickey said.

Stay tuned!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Shadow Brokers, hacking)

[adrotate banner=”13″]

you might also like

leave a comment