This Hacker Is Selling Dangerous Windows 0-Day Hacks For Past 3 Years

A report by ZDNet has revealed that a mysterious hacker is selling Windows zero-day exploits to the world’s most notorious cybercrime groups for the past three years. At least three cyber-espionage groups also known as Advanced Persistent Threats (APTs) are regular customers of this hacker.

According to experts from Kaspersky Lab, the hacker going by the pseudonym “Volodya” is a recognized name in the hacking world as he previously sold a zero-day vulnerability to a cyber-crime group on the disreputable Exploit.in cyber-crime forum.

At that time he was operating under the codename “BuggiCorp” and shocked the world by posting an advertisement for a zero-day vulnerability on a public forum.

Costin Raiu, Director of the Global Research and Analysis Team (GReAT) at Kaspersky Labs, told ZDNet that they have been tracking Volodya since 2015.

“Our observations indicate Volodya ( short for ‘Volodimir’) is fluent in Russian, although likely of Ukrainian origin. Volodimir is also not a Russian name, but Ukrainian,” says Raiu.

The APT groups who are purchasing these flaws include infamous names like Fancy Bear, which is a Russian cyber espionage group.

Volodya is also behind the recent CVE-2019-0859 which is a zero-day exploit in Microsoft Windows operating system. The exploit was reported by Kaspersky and has been patched now. It is one of the many zero-day vulnerabilities that have been linked to Volodya.

ZDNet also reports that some zero-day flaws were sold for as high as $200,000 by Volodya. Researchers are also not ruling out the possibility that Volodya has his own team of hackers who are helping him in selling Windows zero-day hacks for the past three years.

The report is enough to prove that cyber-espionage groups are splurging hefty money to grab hold of zero-days hacks from notorious hackers.