This story is over 5 years old.

Newly Leaked Hacking Tools Were Worth $2 Million on the Gray Market

The new Windows hacking tools allegedly stolen from the NSA were worth a lot of money before they were dropped for free on the internet.
Image: Romolo Tavani/Shutterstock

UPDATE: Microsoft has patched the majority of the exploits released by The Shadow Brokers. More details can be found here, and the company recommends updating to a supported version of Windows and downloading security fixes.

The original story follows below:

On Friday, the mysterious hacking group known as The Shadow Brokers dropped a huge treasure trove of alleged NSA hacking tools that are capable of breaking into millions of computers and servers all over the internet. In the process, they also burned a chance to make more than $2 million dollars, according to an estimate.


The hackers dumped several previously unknown and undisclosed exploits that work on multiple versions of Windows operating systems, giving malicious hackers all over the world a chance to easily repurpose them and attack millions of computers. The exploits affect almost all Windows systems, including the server versions from NT, 2000, 2003, 2008 and up to 2012, as well as the consumer versions XP, Vista, 7 and Windows 8, according to security researchers who are analyzing the dump.

If the hackers had sold these exploits to firms that acquire zero-days and then resell them to intelligence agencies, they could have fetched more than $2 million overall, according to Chaouki Bekrar, the founder of one of those firms.

Read more: Your Government Hacking Tools Are Not Safe

"The fuckers burned $2 millions with one zip file," Bekrar, who's the CEO and founder of Zerodium, told Motherboard in an online chat. "From an offensive perspective this leak is a huge loss, from a defensive perspective the leak is a massive threat to millions of Windows systems. Let's hope MS will fix these quickly."

Bekrar explained if he had to buy them, all the exploits codenamed "ETERNAL," the ones that attack the SMB network protocol, were worth more than $250,000 each. Overall, given that there are at least five zero-days in the dump, all the exploits would've been worth $2 million total.

"But now they're worth $0 lol," Bekrar said. That's because they're now available to anyone.


When they emerged last year, The Shadow Brokers dropped a series of old NSA exploits for routers and VPNs. The group also promised they had more valuable, interesting hacking tools, but they didn't publish them, and instead launched a ridiculous-sounding auction. If someone gave them 1 million bitcoin, they promised to drop them publicly. (As of Friday, their bitcoin has only received 10 bitcoin, or around $12,000.)

But, of course, no one did.

"Who would had believed that? We all thought they were trolling," Bekrar said.

As it turns out, they weren't.

Motherboard is nominated for three Webby Awards for Best Science YouTube Channel , Best Drama , Best Tech/Science Podcast . Please vote for us!