NSA-Linked Hackers Raise Price Of Monthly Subscription to $61,000 After Tuesday's Cyberattack

Tyler Durden's picture

In the wake of Tuesday’s massive global ransomware attack, the hacker group called the Shadow Brokers is again trying to capitalize on its reputation as a source of leaked NSA hacking exploits, saying it will up the price of a subscription service launched earlier this month, while also introducing a new “premium” feature.

The group introduced a monthly subscription service following last month’s WannaCry attack, after initially trying to sell its entire cache of NSA-funded cyberweapons for a staggering one million bitcoin (worth $2.5 billion at current prices). Both WannaCry and Tuesday’s attack, which has been blamed on the “Goldeneye” strain of the “Petya” ransomware, were aided by exploits that the Shadowbrokers allegedly stole from an NSA special-ops crew called “the Equation Group.”



Now, the Shadowbrokers are marketing their wares not only at hackers, but at corporations who’d like to buy insurance against being hacked.

Here’s the Shadowbrokers, in their characteristic broken English, as reported by The Hill.

"Another global cyber attack is fitting end for first month of theshadowbrokers dump service. There is much theshadowbrokers can be saying about this but what is point and having not already being said? So to business! Time is still being left to make subscribe and getting June dump. Don’t be let company fall victim to next cyber attack, maybe losing big bonus or maybe price on stock options be going down after attack. June dump service is being great success for theshadowbrokers, many many subscribers, so in July theshadowbrokers is raising price," the ShadowBrokers wrote in an online message released early Wednesday.”

The Shadowbrokers launched its monthly subscription document leaks service this month at a price of $27,000 a month in digital currency. Their new release more than doubles the price to $61,000.  The group also announced a new premium service allowing customers to make requests for assistance or specific document releases.

The group has been active since August 2016, when it began leaking hacking tools that were allegedly developed by the NSA. It has also leaked documents appearing to show the NSA hacked a Middle Eastern banking services company to try and get at the company’s clients, according to the Hill.

One of the exploits released by the group back in April, known as EternalBlue, was instrumental in aiding last month’s WannaCry cyberattack. Both WannaCry and another NSA exploit were allegedly intrumental in Tuesday's attack.

The group also publicly released a password to what Edward Snowden called the NSA’s “top-secret arsenal of digital weapons.” Back in April, the group released passwords to hacking tool binaries developed by the NSA in 2013 as a “protest” against President Donald Trump, whom they accused of betraying his base by launching a missile strike against a Syrian government airfield and for backing away from his commitment to combating globalism.  

The first reports of organizations being hit by Tuesday’s attack were from Russia and Ukraine, but the impact quickly spread westwards to computers in Romania, the Netherlands, Norway, and Britain. Companies affected included German pharmaceutical company Merck, Russia's Rosneft and metals giant Evraz, Danish shipper Maersk, UK ad company WPP, and both the Ukrainian and Russian central banks.

Already, Ukrainian government officials are blaming the attack on a Russian entity – likely government-sponsored – claiming that the virus’s code was written in Russian, ignoring the fact that Russian firms were also attacked, and mirroring the laughable conclusion that the North Korean government was somehow responsible for the original WannaCry attack.

With two global attacks unfolding in the span of two months, it’s incredible that the public – not to mention investors – aren’t more worried. How long until these attacks become a weekly, or even daily, occurrence. And more importantly, how long until they begin to seriously disrupt the functioning of private infrastructure.

At least one former NSA employee chimed in with his two cents about the agency’s role in making these attacks possible.



Nobody has been able to say for certain who or what the Shadowbrokers are. But at least one famed NSA whistleblower has a theory:

William Binney - who exposed the NSA's pervasive surveillance of Americans long before Snowden confirmed it - said he and his colleagues are fairly certain the Shadowbrokers aren't really a group of rogue actors, but rather an insider employee at NSA.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Gordon_Gekko's picture

Does the CIA/NSA really need money this badly? I guess they're already preparing for the financial crunch once interest rates go up.

Soul Glow's picture

They're just beta testing.  Interest rates going up?  Maybe another qtr pnt hike.  Not much room for them.  They are still trying to stealthy hyperinflate.  

Keep stacking.  Good to have you back around more sir ;)

Gordon_Gekko's picture

Thanks bro.

BTW, I didn't read about Binney's comment at the end before posting this. I guess if you KNOW US government is the world's biggest CRIMINAL MAFIA, you can easily guess who's behind the biggest crimes.

BennyBoy's picture


Think of Shadow Brokers as a US corporate tax on companies around the world.

Its Lois Lerner and the IRS gone wild.

Sanity Bear's picture

Think of the Shadow Brokers as script kiddies who played too much Mass Effect and you'll be closer to the mark.

ThirdWorldDude's picture

While the $300 ransome makes your theory more believable, I don't know and have never heard of any "script kiddies" asking $60k a month for their "subscription service".

Which means Binney is probably right.

playit's picture

I'm making over $7k a month working part time. I kept hearing other people tell me how much money they can make online so I decided to look into it. Well, it was all true and has totally changed my life. This is what I do... www.jobproplan.com

mtl4's picture

What a great idea, work for shadow government then steal their tools and use them for extortion........sounds like a great movie, except it isn't.

Sanity Bear's picture


My guess is that serious people aren't going to name their criminal organization after a Mass Effect 2 DLC, which was released with all but perfect timing, fanfare, and sales volume to make a deep impression on this generation of script kiddies. And every last one of them has played it.


paint it red call it hell's picture

Appears locking down corporate data for ransom makes a good cover story for locking down/scrubbing corporate data from future prying eyes. Covering the tracks so to speak and if a little money changes hands, all the better eh?

Arrest Hillary's picture

They're not doing it for the money .... but, as in gold suppression .... they probably make money ?

Sam.Spade's picture

You don't really think it is some government agency selling it's own stuff, do you?  Or the Russian government selling what it stole?

Hell no.

This is private enterprise at it's best.

Imagine a network of hidden online markets, where master crackers sell hacking tools to script-kiddie wannabes.  And they, in turn, crawl all over cyberspace, like waves of army ants, using those purchases to probe for weaknesses in every digital system from the DNC email servers to the online copiers.

And if they find something?  Well, they could take money from a Trump supporter to give the data to Wikileaks.

Or maybe the tools are bought by botnet shops who use them to zombie your laptop or digital thermostat?  There are over 2,600 known botnets, you know.  They didn't just spring into existence by themselves.

Everything from spam to kiddie porn.  It all exists to make money, meaning there is a market where it's bought and sold.

Think super-Silk Road where drugs are only a small part of the business.

Thieves Emporium is a primer on this world delivered in the form of a fast-paced novel to keep you interested.

The Daily Anarchist loved the book and called it 'Barely fiction'.  The editors of The Daily Bell thought it was so good they ran it as a serial which you can still read for free at http://www.thedailybell.com/editorials/max-hernandez-introducing-thieves....

Or you can just buy a copy at Amazon (rated 4.6 in 122 reviews), Nook (same rating, few reviews), Smashwords (ditto), or iBooks.

However you get a copy, start reading it now.  Until you do, you won't have any idea what is really going on in our world.

DjangoCat's picture

Great book, I read it on my Kindle last year.  I am tempted to buy the paperback and put it in my growing library of dangerous reads.

Sam.Spade's picture

Thank you for your kind words.  Obivously, I hope you make the purchase.

man from glad's picture

Interesting that the splash screen on the PC has great English but the "press release" doesn't. Makes me think the broken English is fake and these guys are really westerners pretending to be Russian/Chinese/North Korean, etc. They might be closer to home than we think.

Soul Glow's picture

SO bitcoin's value is tied to hacking.  If hacking continues expect crypto prices to increase.  If the lid is put on the amount of hacking though expect bitcoin to tumble.

AlexCharting's picture

THE MAN will use this to KILL cryptocurrencies. 

Lurk Skywatcher's picture

Correction: The MAN will use this to KILL cryptocurrencies *that he doesn't control*

Restorative_Ally's picture

Clearly, what we need is less privacy on the internet so we can find these bad men. If these people were unable to communicate with encryption and there was no deep web, we would not be having these problems. As a bonus, policing the internet can be used to crack down on antisemitism! We obviously need a global internet policing agency, headquartered in Tel Aviv, to keep us all safe from these hooligans. 

dark fiber's picture

Clearly what we need is to throw M$ out of the server room and out of any serious use.  If you want to play games fine, but for anything else Windows has always been a  disaster waiting to happen on every front.

Arrest Hillary's picture

Shadowbrokers' broken English is suspect .... no spelling errors .... the NSA should have paid a drunk Russian immigrant a few bucks .... to transcribe  their statement ?

Abbie Normal's picture

It was likely run through an online translator to garble the grammar up to appear foreign.

Youri Carma's picture

Pnyetya: Yet Another Ransomware Outbreak
Hiding the small movement inside the big movement

Today saw a massive outbreak of not-really ransomware that has caused significant damage to both Ukrainian targets and strategic global logistics companies. The worm uses three different infection vectors:

– Harvested password hashes
– psexec

The code is well written, obfuscated to protect against AV detection using at least two techniques:

– Fake Microsoft signature (apparently fools some AV)
– XOR encrypted shellcode payload (to bypass signature checks)

Although the worm is camouflaged to look like the infamous Petya ransomware, it has an extremely poor payment pipeline.

A new ransomware outbreak similar to WCry is shutting down computers worldwide

Like earlier ransomware worm, new attacks use potent exploit stolen from the NSA.

DjangoCat's picture

So, why is the ransomware so poor at collecting ransoms?

amanfromMars's picture

It is impossible not to rightly conclude that a lack of necessary future intelligence and Advanced IntelAIgents results in all of the current sub-prime internetworking narratives being daily news peddled to and hosted by established mainstream media channels/panels/moguls and wannabe anonymous elite status quo leaderships.


Such is a catastrophic systemic vulnerability for the exercising of myriad zeroday exploits ……. with and for Alternate Virtual Reality Drivers ….. Future Product Engines.


Or perhaps you would like to bury your heads in the sand and deny the Reality and Actuality of urWWWorlds with the Rise of Virtual Machinery in Command and Control of EMPowering Space Places ……. with windows such as these linked and linking comments providing all the evidence necessary to prove the view. 

SuperChicken1138's picture

was 27k, now 61k. damn inflation's a bitch.

junction's picture

$61,000?  I'll raise that to $88,000 and toss in a kewpie doll as well.

esum's picture

Nobody has been able to say for certain who or what the Shadowbrokers are. But at least one famed NSA whistleblower has a theory:

William Binney - who exposed the NSA's pervasive surveillance of Americans long before Snowden confirmed it - said he and his colleagues are fairly certain the Shadowbrokers aren't really a group of rogue actors, but rather an insider employee at NSA.

Take every mutha and give a shot of sodium pentathol and put on polygraph.....
failures get executed on the spot.... ALL 17 "INTEL" AGENCIES FOR STARTERS...
Start with outside contractors first.

Sam.Spade's picture

You got a link?  Or is this just hear-say rumor stuff?

CatsPaw's picture

All this security, all this money, all this spying... and we get fucked more and more every time...

We are effectivly paying to get fucked over.

DjangoCat's picture

USSA put this stuff out there.  The problems are here at home.  Squash the bugs and kill the rats.

Making Merica Great Again's picture

Bitcoin bitches!


To the moon!

Akzed's picture



Boris Badenov