In what has now become its trademark broken English, the Shadow Brokers refused to provide any details of what was likely to be in the next dump.
"This is being wrong question. Question to be asking 'Can my organisation afford not to be first to get access to theshadowbrokers dumps?'" it wrote.
Asked why Zcash was sought for transactions, the group said it was doing so only in June and if it found that it was not a good choice, then some other currency would be used in July.
Exactly who will pay in order to obtain exploits from the group remains to be seen. It would have to be someone with deep pockets as the asking price is more than $30,000.
Asked who would buy exploits at this price and how many people would think it was right to do so, Trend Micro senior architect Dr Jon Oliver replied: "If the next dump is as revealing as previous dumps, then cyber criminals and people who need protection from various 0-days might consider paying this.
"The cost being asked by the Shadow Brokers is less than the cost of employing a security expert.
"And the potential knowledge is probably greater than what you would get by spending the same amount by hiring a security expert. So I suspect some people will pay."
But Oliver said there was an important factor working against the cyber criminals involved.
"Microsoft was warned about the SMB problem that WannaCry exploited. I would suggest that the government agencies involved with these tools have almost certainly warned Microsoft and other vendors of the details of the exploits. And this in turn reduces the value of such caches.
"In order to avoid/minimise the situation, everyone needs to take the following precautions:
- "start scheduling a systematic patching programme;
- "patching needs to be a part of an organisation’s/business’ regular security activities - with a thorough testing procedure. Ideally it is not done when an incident occurs; and
- "virtual patching can be used to protect the computers - so that such a systematic patching procedure can be put in place."
Alex Tilley, a senior researcher at security firm SecureWorks, said in response to queries that, putting aside questions regarding the legitimacy of the Shadow Brokers' offer, the market for 0-days (unpatched, previously unknown exploits) was healthy and well-established.
"Depending on the type of exploits offered for sale, a price of $30,000 could be an absolute bargain for the right customer," he said. "While exact prices aren't exactly published in a recommended retail price-type catalogue publicly, exploit purchasing company Zerodium published its price guidance for various types of exploits which is one indication we have for the price of such things."
Asked about the ethics of buying exploits from such a group, Tilley responded: "I don't think it's a question of 'right and wrong' to the potential purchasers of such a service. The market for exploits and other technical capabilities that occupy an ethical 'grey area' is growing globally with many customers from varied backgrounds using the services of 'exploit vendors'."
He said that, given this, many people from different organisations would consider it fine "to purchase such products and services and use them for purposes that the general public will most likely never be privy to".