Mangled sourcecode

UPDATE [June 1, 05:00 AM ET]: Due to legal concerns, the team behind this campaign has pulled out and shut down the project. Statements here and here. The original article is below.

A group of security researchers have set up a Patreon page to raise funds necessary to buy their way into the first batch of monthly exploit the Shadow Brokers promised on Tuesday.

The four researchers are Matthew Hickey (@HackerFantastic), @X0rz, Nicholas Weaver (@ncweaver), and Tim Strazzere (@timstrazz).

Researchers want to prevent another WannaCry outbreak

According to their Patreon crowdfunding campaign statement, the four say they've decided to go this route after seeing the devastating damage caused by the WannaCry ransomware earlier this month.

The ransomware's virulent outbreak was driven by two hacking tools the Shadow Brokers leaked in mid-April, which the hackers claim to have stolen from the Equation Group, a codename given in the infosec business to the NSA.

Following the WannaCry outbreak, the Shadow Brokers announced they would be releasing monthly dumps of more NSA hacking tools.

Yesterday, the group announced more details about this monthly dump release schedule. According to their blog post, anyone interested in receiving June's exploit dump must send 100 Zcash (around $22,000) to a Zcash address by the end of June, along with an email address.

The Shadow Brokers say that by July 17, all subscribers will receive a mass email containing that month's exploit dump. The hackers teased exploits and data such as:

⎆ web browser exploits
⎆ router exploits
⎆ mobile handset exploits and tools
⎆ items from newer Ops Disks
⎆ exploits for Windows 10
⎆ compromised network data from more SWIFT providers and central banks
⎆ compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs

Researchers want to pass on exploits to affected vectors ASAP

The four researchers hope to gather the funds they need to pay the 100 Zcash fee and subscribe to June's monthly dump.

Their intentions are to get hold of the exploits and pass them along to vendors as soon as possible. Patreon campaign backers will also receive a copy of the exploits, but not before vendors.

The researchers knew the gray area they were entering when they opened this crowdfunding effort.

There's an unspoken rule that infosec vendors should not buy products from exploit vendors. Some security researchers agree with this rule, while others don't.

One camp says that "good guys" should never fund "bad guys," while another camp claims it's more important to protect end users by paying the monthly fee and informing vendors to release patches as soon as possible. The divide between these two camps is shown in a Twitter poll one of the researchers created before opening the Patreon campaign.

There's no evidence Shadow Brokers have new exploits

Furthermore, there's also the theory that the Shadow Brokers have no more exploits. In the past, the Shadow Brokers leaked some exploits to prove their claims, and eventually leaked all the data they've been advertising since August 2016.

The group's recent claims (browser exploits, Windows 10 exploits, nuclear program data) have never been proven to be true. Some argue the Shadow Brokers are throwing an exit scam before disappearing for good.

Furthermore, the group is closely following the infosec domain. There's also the fear that The Shadow Brokers would dump raw data or less dangerous exploits to troll the people and researchers who organized the Patreon campaign and potentially discourage a similar effort for the month of July.

At the time of writing, the Patreon page has 26 patrons and $2,243 in funds, which is around 10% of the sum needed. Researchers also set up a Bitcoin wallet (1Crowd7HcL54mfHdkgwBDaCP8hegirqra2) for the people who'd like to submit an anonymous donation, which will be added to the Patreon total. Researchers received four donations for 0.26 Bitcoin ($600).