This past weekend, Windows computers around the world were affected by the WannaCry ransomware attack. While Microsoft issued a security patch for Windows Server 2003, Windows XP, and Windows 8 to patch the WannaCry exploit, the hacking group linked to the original attack is now hinting that they will soon release and sell the codes for much newer exploits, which could, in turn, be used to attack Windows 10, and phone handsets (via Reuters)
According to reports, the Shadow Brokers group released an online statement in “trademarked garbled English” highlighting that starting in June, they will release software to those who are willing to pay to access the tech industry’s secrets. The statement also shows that a “monthly data dump” has been set up, which could offer hackers the necessary tools to break into routers, phones, and even web browsers.
Worryingly, reports show that the Shadow Brokers also has plans to sell access to undisclosed vulnerabilities which could be used by hackers to attack Windows 10. Though the Shadow Brokers’ online statement did not mention any other tech industry product by name, there was mention of threats to dump data from banks using the SWIFT international money transfer network and to dump data from Russian, Chinese, Iranian or North Korean nuclear and missile programs.
Microsoft has not yet given a statement in regards to the latest threats and a spokeswoman is instead saying to Reuters that the company is “preparing a response.” Since the WannaCry attacks are believed to have been based on an NSA exploit codenamed “EternalBlue,” Microsoft released a statement about the WannaCry attacks and criticized the government for stockpiling software vulnerabilities. The US government responded at a White House briefing via homeland security advisor Tom Bossert on Monday, saying the malware “was not a tool developed by the NSA to hold ransom data. This was a tool developed by culpable parties, potentially criminals or foreign nation-states.”