CBSN

Mysterious Shadow Brokers group re-emerges to taunt U.S. intelligence

PARIS -- The day after a particularly virulent strain of ransomware burst across the globe, the mysterious Shadow Brokers group has re-emerged to taunt the U.S. National Security Agency. 

It's a possible hint at the shadowy spy games being played behind the scenes of the cybersecurity crisis that struck Ukraine, Russia and countries around the world Tuesday.

The Shadow Brokers, who have spent nearly a year publishing some of the American intelligence community's most closely guarded secrets, posted a new message to the user-driven news service Steemit on Wednesday carrying new threats, a new money-making scheme and nudge-nudge references to the ransomware explosion that continues to cause disruption from Pennsylvania to Tasmania.

"Another global cyber attack is fitting end for first month of theshadowbrokers dump service," the group said, referring to a subscription service which purportedly offers hackers early access to some of the digital NSA's break-in tools. "There is much theshadowbrokers can be saying about this but what is point and having not already being said?"

The group emerged in 2016 when it tried to auction top-secret NSA tools and exploits. One of those exploits allowed hackers to take advantage of a security gap in older versions of Microsoft Windows. The NSA exploit, known as EternalBlue, was used to cripple 300,000 computers in 150 countries in an unprecedented ransomware attack in May. The hackers made over $70,000 by requiring payment for users to regain access to sensitive data.

Russian cybersecurity firm Kaspersky Lab said its initial investigation into Tuesday's attack suggests the use of a new type of ransomware software that has not been seen before.