Jump to content

Recommended Posts

Posted

_96299369_gettyimages-684726904.jpg

Security researchers have cancelled plans to buy potentially undetected software security vulnerabilities from a notorious group of hackers.

The plan involved buying hacking tools offered by the Shadow Brokers and then protecting computers before they could be targeted by cyber-criminals.
But critics had argued that the Shadow Brokers should not benefit in this way.
One of the researchers behind the plan said the scheme was being abandoned for "legal reasons".
Some critics had warned that paying the Shadow Brokers for access to their hacking tools, even with honest intentions, could be illegal.
50-50 split

The Shadow Brokers previously sold access to hacking tools allegedly stolen from the US National Security Agency - but often released the vulnerabilities for free later anyway.
One of the tools was used to help spread the WannaCry malware that affected thousands of organisations worldwide, including the UK's NHS.
The hacking group currently plans to sell a new batch of security exploits, for a payment via the crypto-currency Zcash, worth about $22,000 (£17,000).

On Tuesday, two security researchers set up a crowd-funding campaign to buy access to the exploits, so the vulnerabilities could be fixed instead.
But the idea divided the cyber-security community.
"There's a 50-50 split on whether it is a good idea and whether it would encourage Shadow Brokers to continue their activities," said Matthew Hickey from the cyber-security firm

Hacker House, who set up the crowd-funding campaign.
Others were more outspoken: "Individuals and corps funding criminals is insane," said security researcher Kevin Beaumont.
Announcing the closure of the crowd-funding campaign on 1 June, Mr Hickey said: "If you ever want to hear a lawyer shout expletives at volume down a phone, you need to call him and tell him you have created the first open source crowd-funded cyber-arms acquisition attempt.
"It transpires that should funds change hands from ours to the Shadow Brokers we would certainly be risking some form of legal complications."

Those who have donated to the campaign using Bitcoin can seek a refund, and any unclaimed funds will be donated to online rights group the Electronic Frontier Foundation.
'Game involves risks'
The Shadow Brokers group has not specified what buyers will get if they pay the $22,000 bounty and has offered no guarantee that buyers will be rewarded at all.
"If you caring about loosing $20k+ Euro then not being for you... playing 'the game' is involving risks [sic]," the group said in a blog post.

Source: http://www.bbc.com/news/technology-40107099

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.