A hacker with the alias BuggiCorp has for sale a zero day that affects all versions of Windows and can allow an attacker to scale the privileges for software processes to the highest level available in Windows.
Security firm Trustawave discovered last May that the exploit was being advertised on an underground Russian hacking forum for $90.000. The last information in the forum post it was on May 23rd, and raised the starting price to $95.000.
BuggiCorp posted two videos on YouTube, που παρουσιάζουν το zero-day σε δράση, με μια κλιμάκωση προνομίων σε ένα πλήρως ενημερώμενο σύστημα με Windows 10 στην τελευταία ενημερωμένη version του κώδικα ασφαλείας (Μάιος 2016). Ένα άλλο βίντεο δείχνει την παράκαμψη όλων των χαρακτηριστικών ασφαλείας που περιλαμβάνονται στην τελευταία έκδοση του EMET toolkit της Microsoft.
BuggiCorp states that it will only sell the exploit to one person, and that the buyer will get the source code, a fully functional demo, a archive of Microsoft Visual Studio 2005 file, as well as free future updates for any version of Windows that cannot run the exploit.
The vendor makes it very clear that the exploit works on all versions of Windows, which according to Microsoft statistics can affect more than 1,5 billion users.
Trustwave, however, and other experts believe that zero day is overpriced, but that someone will pay it eventually.
To get an idea of the prices of other hacking tools, below are two examples, from a price list from a vendor called Zerodium, and a price list of hacking services from a report of Dell.
In addition, experts also believe the zero day is not worth as much because it can not be used to infect computers, but only to escalate the privileges of the attacker.
Watch videos:
