A Hacker Is Selling Dangerous Windows Exploit, Making All Versions Of OS Hackable


hacker selling windows zero day exploitShort Bytes: A hacker is selling a dangerous zero day vulnerability on a Russian cybercrime website. This exploit is said to be affecting more than 1.5 billion Windows users as it works on all version of Windows. The hacker wishes to sell the complete source code and demo of the exploit to any person who pays him $90,000 in bitcoin.

The underground market of malware and exploits has witnessed an exponential growth in the past few years. With the help of anonymous networks and payments in cryptocurrency, cybercriminals are easily getting access to various types of exploit kits.

In turn, this has resulted in an increased number of attacks on personal computers, enterprises, and financial institutions. These days, if a hacker is good at creating malware and exploits, he/she can make it a profession and provide services to others with low risk.

A similar case has popped up on a Russian cybercrime website. A hacker who goes by the name BuggiCorp is offering a Windows zero-day vulnerability that affects all versions of the operating system.

This listing was discovered by the security firm Trustawave, who found that the hacker was selling the exploit for $95,000. The advertisement was recently updated with a new price of $90,000.

The security firm says that while the price of exploit seems a lot, criminals are likely to make an investment due to possible high returns. zero day auction on russian website by hacker

The zero day being sold deals with Local Systems Privilege escalation

While the usual zero day exploits deal with Remote Code Execution, this zero day bug deals with a Local Systems Privilege escalation. Compared to other types of coveted malware, the privilege escalation could be used to launch any type of attack.

As expected, BuggiCorp wants the payment in Bitcoin. In his advertisements, he makes clear that the exploit works on all versions of Windows, which means that it may affect more than 1.5 billion Windows users.

He also promises to sell the exploit to a single person along with a fully-functional demo, complete exploit code, a Microsoft Visual Studio project file, and free updates for future versions of Windows.

Trustwave has notified Microsoft’s security team regarding the zero day bug and we expect some quick action.

Did you find this article interesting? Don’t forget to drop your feedback in the comments section below.

Also Read: Windows Security Flaws Could Be Avoided By Just Removing Admin Rights

More From Fossbytes

Latest On Fossbytes

Find your dream job