Cryptocurrency company pushes back against Shadow Brokers’ latest claims

The Shadow Brokers say they will be accepting Zcash for subscriptions to their monthly dumps of leaked NSA files — a decision intended to needle the U.S. government over its role in the cryptocurrency’s creation. But the company that oversees Zcash says that federal agencies have no ties to the cryptocurrency beyond some general connections to its academic roots. In announcing the subscription service, the Shadow Brokers insinuated that Zcash has links to the Defense Advanced Research Projects Agency, other U.S. military agencies and Israel. “Maybe USG is needing to be sending money outside from banking systems? If USG is hacking and watching banking systems (SWIFT) then adversaries is also hacking and watching banking systems. Maybe is for sending money to deep cover foreign assets? Maybe is being trojan horse with cryptographic flaw or weakness only NSA can exploit? Maybe is not being for money?” the blog post written in broken English reads. Though the hacking group has claimed Zcash’s privacy […]

The post Cryptocurrency company pushes back against Shadow Brokers’ latest claims appeared first on Cyberscoop.


The leaked NSA hacking tool that will wreak havoc for years to come

A powerful hacking tool originally used by the National Security Agency and subsequently leaked in April by the Shadow Brokers will give defenders problems for years to come as hackers continue to adopt and repurpose the malicious computer code, experts and former U.S. intelligence officials tell CyberScoop. The tool, codenamed EternalBlue, effectively leverages two different coding flaws in older versions of Microsoft Windows to propagate malware on a targeted computer network. In practice, this exploit breaks a network file sharing protocol known as the Server Message Block, or SMB. Although Microsoft promptly released several software updates for affected versions of Windows in March, and then again most recently in May, millions of systems remain unpatched and therefore vulnerable to hackers using EternalBlue. Experts believe that the high-quality exploit will be used in the coming years by both amateurish hackers and sophisticated threat actors to steal information. “EternalBlue will exist and […]

The post The leaked NSA hacking tool that will wreak havoc for years to come appeared first on Cyberscoop.


How did the WannaCry Ransomworm spread?

Security researchers have had a busy week since the WannaCry ransomware outbreak that wreaked havoc on computers worldwide. How did it all happen?

Next NSA Exploit Payload Could be Much Worse Than WannaCry

Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.

WannaCry hit U.S. Army machine, marking first federal government infection

WannaCry ransomware infected a machine tied to an IP address associated with the Army Research Laboratory, CyberScoop has learned. The information, found on a list of affected IP addresses provided by a security vendor, would mark the first time the ransomware was found on a federal government computer. The security vendor, who provided the data on condition of anonymity to discuss sensitive material, observed communications from the victim IP address to the attackers’ known command and control server on May 12, confirming that the ransomware infection involving the ARL was in fact successful. The IP address is tied to a block parked at a host located at Fort Huachuca, Arizona. The type of machine the IP address is attached to is unknown. While ARL is based in Adelphi, Maryland, the laboratory has multiple outposts, including stations at Fort Huachuca. The Arizona base is also home to the Army’s Network Enterprise Technology Command […]

The post WannaCry hit U.S. Army machine, marking first federal government infection appeared first on Cyberscoop.


WannaCry Shares Code with Lazarus APT Samples

Experts have confirmed there are similarities between code used by the ransomware WannaCry and the Lazarus APT.

Shadow Brokers return to taunt U.S. government after ransomware spread

A mysterious group known for publishing highly classified computer code developed by the National Security Agency returned to the limelight Tuesday with a cryptic message concerning the future release of other government hacking tools and secretive information, including “network data from Russian, Chinese, Iranian, and North Korean nuclear missile programs.” “TheShadowBrokers is having many more where coming from?” a lengthy message posted Tuesday morning by the peculiar group reads, claiming they own “75% of U.S. cyber arsenal.” The message also cites the Equation Group, which has been observed operating in the wild by cybersecurity firm Kaspersky Lab and is believed to be associated with an elite hacking unit within the NSA. “This is theshadowbrokers way of telling theequationgroup ‘all your bases are belong to us.’ TheShadowBrokers is not being interested in stealing grandmothers’ retirement money. This is always being about theshadowbrokers vs theequationgroup.” Since the Shadow Brokers posted their first message to […]

The post Shadow Brokers return to taunt U.S. government after ransomware spread appeared first on Cyberscoop.


ShadowBrokers Planning Monthly Exploit, Data Dump Service

The latest rant from the ShadowBrokers ends with news of a subscription service starting in June that will leak exploits and stolen data to paying customers.