
Potential Windows zero-day security exploit worth $90,000 on underground market

02 Jun 16

A single Windows zero-day vulnerability could be sold amongst the underground cybercrime markets, potentially affecting more than 1.5 billion Windows users, researchers at Trustwave have found.

Although not confirmed, the local privilege escalation (LPE) exploit affects every version of Microsoft Windows, from Windows 2000 up to Windows 10 and could allow cyber criminals to wreak havoc on computers. 

The threat comes from the ability for hackers to give any Windows user account administrator privileges, opening up areas such as malicious software installation, network access, user settings and remote control of a computer.

Researchers at Trustwave's Spiderlabs Research stated in a blog that while zero-day exploits are still rare, they are still worrying.

Although it is difficult to ascertain the kind of prices they are worth in the underground economy, malware developers are increasingly monetising threat development and selling exploits for high prices.

Spiderlabs Research has found examples of underground forums that are collaborative hubs to hire malware coders, as well as to lease exploit kits and purchase web shells and botnets.

Spiderlabs Research recommends:

  • Keeping your software up-to-date. Sometimes LPE exploits are used in conjunction with RCE exploits. If you are patched against the RCE part of the cyber attack, that may lessen the amount of damage a zero-day attack can do.
  • Using a full range of security software to give high protection and prevent weaknesses that could allow attacks to enter the system.
  • Using common sense: Don't click suspicious links or open attachments from unknown sources.