back to article Shadow Brokers resurface, offer to sell fresh 'wine of month' club exploits

The infamous Shadow Brokers hacking crew, central players in the release of the vulnerability that led to last week's WannaCrypt chaos, have returned online with a threat to release more exploits. WannaCrypt used the EternalBlue exploit and DoublePulsar backdoor developed by the NSA. These tools were dumped by the Shadow …

  1. frank ly

    Language analysis

    Has anyone tried analysing their statements to see what their native language might be, based on the 'mangled grammar' of the English?

    I realise that this can be faked of course (and probably is), but is it consistently incorrect and does it consistently match any other natural language grammar patterns?

    Is it worth bothering to check?

    1. Zippy's Sausage Factory

      Re: Language analysis

      It actually most reminds me of Pitr from User Friendly, to be honest. And even in the cartoon, his "Eastern European" accent is faked...

    2. hopkinse
      Joke

      Re: Language analysis

      It's the meerkats. They are taking over with their cuddly personas

      1. Sam Haine

        Re: Language analysis

        Well, the meerkats in the adverts are White Russians so you might not be far off.

    3. Kay Burley ate my hamster

      Re: Language analysis

      The punctuation is perfect. Are we sure TSB are not the NSA?

      1. TRT

        Re: Language analysis

        Getting a bit "Swordfish" here, aren't we?

      2. Anonymous Coward
        Anonymous Coward

        Re: Language analysis

        The punctuation is perfect

        Russian, Moscow, whatever School No 80(*) is called nowdays (the one in the small square between the late Stalin period blocks behind the Cosmonaut's arse). You can discern that a graduate is not a native speaker only based on sentence composition and the fact that there are NO PUNCTUATION ERRORS.

        (*)That is where most of the translators working for their ministry of foreign affairs as well as a lot of their diplomats' kids used to go. It is selective, English is taught starting at 7 hours per week from year two, from year 4 all subjects except Russian literature are in English.

    4. The Man Who Fell To Earth Silver badge
      WTF?

      Re: Language analysis

      So tell me again, what makes Shadowbrokers business model intrinsically less dependant on breaking the Law than Ubers?

    5. Anonymous Coward
      Anonymous Coward

      Re: Language analysis

      >Is it worth bothering to check?

      Smells like text which has been mangled through several different languages phrase by phrase using translation software.

    6. Anonymous Coward
      Anonymous Coward

      Re: Language analysis

      Its probably not worth it. Poor grammar, weird inflections and odd use of words is all part of the social engineering.

      Ever tried reading spam and thought "jeez these guys are retards, what kind of dumbass falls for this?", well its all part of the plan...the poor language is a filter of sorts to weed out those likely to spot the scam.

      Those people that can't see the mistakes are the vulnerable people the spam campaign is targeting.

      Id imagine its likely this sort of technique is being used here...not to weed people out but to throw off the scent a bit.

      The cheaper and crappier a video / statement put out by hackers is the more sophisticated a hacking crew is likely to be in my opinion.

      Of course I could be wrong, these guys may well have a poor grasp of English. In a world full of spellcheckers and grammar nazi apps it's unlikely though.

  2. Anonymous Coward
    Anonymous Coward

    Go Shadowbrokers!

    Reading all the depressing news of failure and financial decline at companies like IBM and HP, perhaps we should celebrate Shadowbrokers as a successful growth business? The demands for loads of money against a threat of denying access appears common to both outsourcing and malware sectors.

    In fact, maybe IBM shareholders should ask Watson to tell them who is the management team for Shadowbrokers, and then offer them the top management positions at IBM?

  3. Anonymous Coward
    Anonymous Coward

    "TheShadowBrokers is not being interested in stealing grandmothers' retirement money."

    What happens when someone uses the exploits to create ransomware or steal data on grandmothers and steal all their retirement money anyway?

    Not really thought it through have they.

    Why don't those clowns at the NSA release the exploits to the companies to fix? Silly question I know but it would solve the problem.

    1. Brewster's Angle Grinder Silver badge

      "Why don't those clowns at the NSA release the exploits to the companies to fix?"

      Maybe that's what TheShadowBrokers are hoping for? They only claim to have 75% of the NSA's exploits. Obviously the NSA want to hang on to the remaining 25%, but they probably don't know which exploits they are.

      But perhaps TheShadowBrokers don't even have 75%. Perhaps they have just enough to keep up the illusion and are trying to bluff the NSA into revealing all their exploits. In which case, go Liara!

      1. WatAWorld

        the 75% is just marketing hype.

        Maybe that's what TheShadowBrokers are hoping for? They only claim to have 75% of the NSA's exploits. Obviously the NSA want to hang on to the remaining 25%, but they probably don't know which exploits they are.

        To know you have 75% of the NSA exploits you'd have to know the total number of NSA exploits.

        So I imagine the 75% is just marketing hype.

  4. Anonymous Coward
    Anonymous Coward

    The group goes on to claim that it has spies inside Microsoft among other US technology companies

    != "TheEquationGroup is having spies inside Microsoft and other U.S. technology companies."

  5. Alistair
    Windows

    Using google translate

    with a User Friendly Plugin?

    I find it remarkable that the language used in the announcements is quite so consistent.

    Its being that I am not having much of a monies to get wine of the month and SB dump of the month.

    1. Anonymous Coward
      Anonymous Coward

      Re: Using google translate

      See old research identify bible author styles, or if shakespere or bacon wrotes sonnetz or playz.

      Am 1st seeing this many year ago on bugtraq from 'gobbler', writer of mp3 sploits for mpaa to map gnutella netz or summat.

      Maskirovka.

      1. RichMcc
        Trollface

        Re: Using google translate

        Very similar language and style to GOBBLES Security releases :)

  6. 0laf Silver badge
    Meh

    ROI

    Well they've seen the success of large companies forcing their customers into a subscription model so it's not surprising they would do the same.

    [You need a "follow the money icon"].

  7. Anonymous Coward
    Anonymous Coward

    Holding world+dog at ransom...

    1. hplasm
      Meh

      "Holding world+dog at ransom..."

      Just like a 'proper' IT megacorp...

  8. Infernoz Bronze badge
    Go

    SWIFT exploits, what a surprise!

    not really, given the SWIFT bank client requires obsolete Vista.

    I wonder how long before crypto-currency payment services and/or the Chinese payments system take most of SWIFT's business, and the dollar plunges, because client banks have had enough.

  9. SnowPatrol

    Puzzling

    Why would people pay for this when past experience shows they'll just dump it online anyway?

    1. Rich 11 Silver badge

      Re: Puzzling

      So they can produce a patch to block an exploit before it gets released into the wild.

  10. WatAWorld

    It is countries spying on their own peaceful citizens and future politicians I object to.

    "The NSA's EquationGroup has spies inside Microsoft and other U.S. technology companies, the Shadow Brokers allege."

    If not actual NSA, FBI or CIA "employee spies", then covert agents and subverted employees, as well as people legitimately tasked by the government of their private industry managers to aid the NSA.

    The are probably inside a lot of technology companies from around the world, including those companies based in loyal NATO allies, unaligned countries and 'opposition' countries.

    I don't doubt the UK, Russia, China and Israel attempt to the same.

    It is countries spying on their own peaceful citizens and future politicians I object to.

    Companies in high tech, governments, and government leaders should expect to be spied on by enemies, and by semi-friends. Such entities have the resources to defend themselves.

  11. Anonymous Coward
    Anonymous Coward

    ShadowBrokers is handing out crowbars so that other criminals can steal

    TheShadowBrokers is not being interested in stealing grandmothers' retirement money.

    TheShadowBrokers isn't stealing grandmother's retirement money. No, TheShadowBrokers is handing out crowbars so that other criminals can steal grandmother's retirement money.

    TheShadowBrokers is not alone in doing this sort of thing under the guise of "boosting the security of the internet".

    The difference is that TheShadowBrokers didn't independently discover the exploits it reveals publicly on the open internet for criminals to use.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon