It may end up looking like eBay for shadow brokers. According to a BBC article, “Security researchers are considering buying undetected software security vulnerabilities from a notorious group of hackers.” But it might not stop there. Other groups may decide to purchase the code and security holes which could end up in a bidding war for the valuable data.
By now, most people know that operating systems such as Windows 10, and Apple’s iOS have security flaw that are often patched (or fixed) by the software companies. These flaws can give cyber criminals backdoor access to computers across the globe like we saw with the Wannacry outbreak.
In June, The Shadow Brokers group wants to sell a group of unknown flaws for around $22,000.
Once the announcement was made, a group of security researchers set up a crowd-funding campaign to buy the exploits before they could be used as a threat.
According to the BBC article, Matthew Hickey from the cyber-security firm Hacker House said “There’s a 50-50 split on whether it is a good idea and whether it would encourage Shadow Brokers to continue their activities.”
The article also quoted security researcher Kevin Beaumont as tweeting: “Individuals and corps funding criminals is insane.”
“Here’s an idea – [the NSA] should inform all vendors of bugs now since they’re being traded on black market.”