Hacker deposits $ 1 million to buy zero-day vulnerabilities
A cybercriminal using the alias integra made a 26.99 bitcoin deposit on one of the hacker forums to buy exploits for a zero-day vulnerability.
According to Cyble researchers, the integra forum member registered in September 2012 and has since gained a good reputation. In addition, integra has been registered with another cybercrime forum since October 2012.
The hacker made a deposit with the desire to purchase an exploit that is not detected by any security solution. In particular, he is interested in the following suggestions:
Remote Access Trojans (RATs) that are not detected by any security solution;
Previously unused methods of attacks on Windows 10, in particular, attacks using improvised means and techniques to bypass the registry (a hacker is ready to pay up to $ 150,000 for an original solution);
Exploits allowing remote code execution (RCE) and local privilege escalation (for which the cybercriminal agrees to pay up to $ 3 million).
Such a large amount of the deposit is worrisome, as it suggests that the attacker is going to use exploits to attack or resell them.
“Zero-day vulnerabilities allow attackers to exploit security blind spots. Such a high amount of the deposit for the purchase of these vulnerabilities/exploits shows the seriousness of the cybercriminals’ intentions. Organizations should patch all known vulnerabilities and conduct regular internal audits in addition to being prepared for such attacks in the future, ”Cyble said.
Catch up on more articles here
Follow us on Twitter here