Shadow Brokers, the group that leaked parts of US national security agency’s (NSA) cyber weapons stockpile which formed the basis of the recent WannaCry ransomware, said it would release hacking tools every month to those willing to pay for it.
The threat came as the cyber extortion campaign launched by as yet unidentified hackers waned. More than 300,000 computers were infected by the WannaCry malware since Friday, locking down computers and robbing businesses and individuals of potentially important files.
WannaCry spread using a flaw in versions of the Microsoft Windows operating system that were leaked in mid-April by Shadow Brokers, which said it had found the exploits in NSA servers that it had breached earlier. The malware threatened to wipe those files out in a week if victim did not pay up $300-$600.
According to Reuters, Shadow Brokers promised in a blog on Tuesday to release from June tools every month to anyone willing to pay for access to some of the tech world’s biggest commercial secrets starting next month.
It also threatened to dump data from banks using the SWIFT international money transfer network and from Russian, Chinese, Iranian or North Korean nuclear and missile programs. “More details in June,” it promised.
Microsoft said on Tuesday it was aware of Shadow Brokers’ most recent claim and that its security teams monitor potential threats in order to “help us prioritise and take appropriate action.”
Microsoft president and chief legal officer Brad Smith said earlier this week the WannaCry attack used elements stolen from the NSA. The US government has not commented directly on the matter.
The creators of the WannaCry malware have not yet been identified but experts see clues that point to a possible North Korean involvement.