Shadow Brokers publishes new note in the wake of the NotPetya malware attack

Group also threatens to dox someone called "the Doctor"

The Shadow Brokers, the hacking group of unknown provenance that has been spilling various compromised US National Security Agency exploits since August last year, has returned.

Its new statement gloats at recent global security attacks and threatens to a Twitter troll that, the group claim, probably works for the NSA and the so-called Equation Group.

The message was released hours after the world started panicking about the Petya/NotPetya ransomware attack, and isn't exactly sympathetic. It is proud of the response to the vulnerability subscription service that it recently launched.

"Another global cyber attack is fitting end for first month of theshadowbrokers dump service. There is much theshadowbrokers can be saying about this but what is point and having not already being said? So to business! Time is still being left to make subscribe and getting June dump," it says in a note posted online.

"Don't be let company fall victim to next cyber attack, maybe losing big bonus or maybe price on stock options be going down after attack. June dump service is being great success for theshadowbrokers, many many subscribers, so in July theshadowbrokers is raising price."

That's not a machine translation - that's how it is presented. The rest of the message carries on in the same manner.

However, it appears that someone called 'the Doctor' has annoyed the group, a person that the group and is, apparently, mocking the grammar of its posts. It has threatened to dox the individual and expose them.

"TheShadowBrokers is thinking 'doctor' person is former EquationGroup developer who built many tools and hacked organization in China. TheShadowBrokers is thinking 'doctor' person is co-founder of new security company and is having much venture capital," it said.

"TheShadowBrokers is hoping 'doctor' person is deciding to subscribe to dump service in July. If theshadowbrokers is not seeing subscription payment with corporate email address of [email protected] then theshadowbrokers might be taking tweets personally and dumping data of 'doctor' persons hacks of China with real ID and security company name.

"TheShadowBrokers is thinking this outcome may be having negative financial impact on new security companies international sales, so hoping 'doctor' person and security company is making smart choice and subscribe. But is being 'doctor' persons choice. Is not being smart choice to be making ugly tweets with enough personal information to DOX self AND being former equation group AND being co-founder of security company."

We cannot be sure whether it would be worth signing up to the new VIP service that the Shadow Brokers are offering, least of all because the group admitted that it may not even deliver its side of the deal.

It is aimed at all those people who have asked the Shadow Brokers for bespoke hacks on things, and is probably designed to put these people off.

"In past theshadowbrokers is not taking request or providing individual services. This changes with VIP Service. For one time payment of 400 ZEC you getting theshadowbrokers VIP attention. VIP Service is no guarantee of future good or services, negotiation for those is being separate," it explained.

"Haters will be saying this is joke, not serious, who will be paying just to talk to theshadowbrokers? Some party is already paying where do you think theshadowbrokers is getting idea."