An unpatched Local Privilege Escalation (LPE) vulnerability in Windows is being touted for sale on an underground market for Russian-speaking cyber criminals.
Researchers at TrustWave said the marketplace allows hackers to buy and sell coding labour, exploit kits, botnets and other wares, but finding a zero day for sale is extremely uncommon, suggesting they could become a “commodity for the masses.”
“Dear friends, I offer you a rare product,” the cybercriminals declare in their zero-day sales pitch. “Exploit for local privilege escalation (LPE) for a 0day vulnerability in win32k.sys.”
But of course criminality like this does not cheap, and the seller is willing to accept offers starting from $95,000 (£66,000) in Bitcoins.
“Do not offer revenue sharing as payment,” the seller warned. “Respect your and my time.”
“It seems the seller has put in the effort to present himself/herself as a trustworthy seller with a valid offering,” said TrustWave. “One of the main indicators for this is the fact that the seller insists on conducting the deal using the forum’s admin as the escrow. In an update posted by the seller on 23rd of May it is stated that the exploit will be sold exclusively to a single buyer.
“Additionally, the seller provides two proof videos for any potential buyers that might be concerned with the validity of the offer.”
The first video apparently shows a fully updated Windows 10 machine being exploited successfully, by elevating the CMD EXE process to the SYSTEM account. The second video shows the exploit successfully bypassing all of EMET protections for the latest version of the product.
Trustwave said that it has notified Microsoft of the zero day offering and it continues to monitor the situation. In the meantime it advised Windows users to keep their software up-to-date, and bear in the mind that protection works best in layers.
The rate of zero day vulnerability discoveries actually doubled in 2015 from 2014, according to Symantec Security Response.
It also said that cybercriminals are adopting corporate best practices and establishing professional businesses to boost the efficiency of their attacks against enterprises and consumers.
Take our hacking and viruses quiz here!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…