Shadow Brokers Leaks Around Other Windows Hacking Tool Stolen From Nsa’S Arsenal

The Shadow Brokers, a notorious hacking grouping that leaked several hacking tools from the NSA, is in i lawsuit once again making headlines for releasing to a greater extent than or less other NSA exploit—but exclusively to its "monthly dump service" subscribers.

Dubbed UNITEDRAKE, the implant is a "fully extensible remote collection system" that comes with a release of "plug-ins," enabling attackers to remotely convey amount command over targeted Windows computers.

In its latest post, the hacking grouping announced a few changes to its monthly dump service together with released encrypted files from the previous months every bit well.

Notably, the September dump also includes an unencrypted PDF file, which is a user manual for the UNITEDRAKE (United Rake) exploit developed past times the NSA.

According to the leaked user manual, UNITEDRAKE is a customizable modular malware with the mightiness to capture webcam together with microphone output, log keystrokes, access external drives together with to a greater extent than inwards guild to spy on its targets.

The tool consists of 5 components—server (a Listening Post), the organization management interface (SMI), the database (to shop together with create create stolen information), the plug-in modules (allow the organization capabilities to endure extended), together with the customer (the implant).

Snowden Leak Also Mentions UNITEDRAKE

UNITEDRAKE initially came to lite inwards 2014 every bit a purpose of NSA's classified documents leaked past times its quondam contractor Edward Snowden.

The Snowden documents suggested the means used the tool amongst other pieces of malware, including CAPTIVATEDAUDIENCE, GUMFISH, FOGGYBOTTOM, GROK, together with SALVAGERABBIT, to infect millions of computers around the world.

• CAPTIVATEDAUDIENCE is for recording conversations via the infected computer's microphone
• GUMFISH is for covertly taking command over a computer’s webcam together with snap photographs
• FOGGYBOTTOM for exfiltrating Internet information similar browsing histories, login details together with passwords
• GROK is a Keylogger Trojan for capturing keystrokes.
• SALVAGERABBIT is for accessing information on removable flash drives that connect to the infected computer.

New Terms for Shadow Brokers Monthly Dump Service

The Shadow Brokers is similar a shot exclusively accepting payments inwards ZCash (ZEC) from its monthly subscribers, rather than Monero since it uses clear text e-mail for delivery, together with has also raised the rates for exploits, demanding around $4 Million.

The grouping demanded 100 ZEC when it started its first monthly dump service inwards June, simply similar a shot the hackers are demanding 16,000 ZEC (which costs $3,914,080 inwards total) for all NSA dumps. Zcash currently trades at $248 per unit.

Those who desire to hit access exclusively to the September dump that includes the novel NSA malware files ask to pay hackers 500 ZEC.

The Shadow Brokers gained popularity afterwards leaking the SMB zero-day exploit, called Eternalblue, that powered Wannacry ransomware assault that crippled large businesses together with services around the footing inwards May.

After that, the mysterious hacking grouping announced a monthly information dump service for those who desire to expire exclusive access to the NSA arsenal, which they claim to lead maintain stolen from the means final year.

Share This :