Million-dollar security exploits, the one-click zero-day vulnerabilities that can cause so much harm, pretty much used to be the sole territory of state-sponsored actors. However, the ransomware pandemic has changed all that. This is very bad news for everyone, including Windows 10 users, as new research reveals.

Ransomware profits funding zero-day buyer diversity

High profile victims of ransomware facing demands hitting tens of millions, and smaller businesses facing ransoms of tens of thousands, have helped turn organized cybercriminal gangs into very well-resourced operations. Not only do they make the kind of money that enables them to pay dark web ‘access brokers’ up to $500,000 for stolen network credentials, but now it seems they have millions to spend on zero-day exploits as well.

The $3 million Windows 10 no-click zero-day exploit is here

According to the latest research from Digital Shadows, a digital risk protection specialist, the cybercriminal marketplace is booming. Once the prerogative of nation-state actors, the kind of no-click zero-day exploits used in secret-squirrel surveillance operations that come with multi-million price tags are now within reach of criminal actors as well.

The report, ‘Vulnerability Intelligence: Do you know where your flaws are?’ found that the ceiling for such zero-day pricing has now hit $10 million. Not that there is evidence, as of yet, that these sums have been realized, but the chatter is there, and that’s worrying. As is the $3 million that has been put on the table by one threat actor looking for a working zero-click zero-day remote code execution exploit for Windows 10.

Zero-days for hire

I’m sorry to be the bearer of even more bad news, but things do get even worse when it comes to exploit chatter, it seems. Aware that not everyone has the financial clout of a nation-state or a top-ranking ransomware group, developers of zero-day exploits are discussing another option that could open the attack doors to a far larger number of cybercriminals.

That option is a zero-day leasing scheme.

This shouldn’t come as any great surprise as ransomware gangs already operate systems where affiliates do the attack donkey work using malware developed by the core criminal enterprise in return for a percentage of the ransom. …….

Source: https://www.forbes.com/sites/daveywinder/2021/11/21/windows-10-zero-click-security-exploit-wanted-reward-3-million/