Software Pow

Ransomware gangs are now rich enough to buy zero-day flaws, say researchers

November 17, 2021

Cyber criminals are becoming more advanced as they continue to find new ways to deliver attacks, and some are now willing to buy zero-day vulnerabilities, something more traditionally associated with nation states. 

Knowledge about vulnerabilities and exploits can command a high price on underground forums because being able to take advantage of them can be very profitable for cyber criminals. That's especially true of a zero-day vulnerability that cybersecurity researchers don't yet know about, because attackers know potential victims won't have had the chance to apply security updates to protect against it.

For example, in the weeks after Microsoft Exchange vulnerabilities were disclosed earlier this year, cyber criminals rushed to take advantage of them as quickly as possible in order to benefit from the ability to carry out attacks before the security patches were widely applied. 

Zero-day vulnerabilities are usually deployed by well-resourced, nation-state-backed hacking operations – but analysis by cybersecurity researchers at Digital Shadows details how there are increasing amounts of chatter on dark web message boards about the criminal market for zero days.

"This market is an extremely expensive and competitive one, and it's usually been a prerogative of state-sponsored threat groups. However, certain high-profile cyber-criminal groups (read: ransomware gangs) have amassed incredible fortunes in the past years and can now compete with the traditional buyers of zero-day exploits," said Digital Shadows.

"States can purchase zero-day exploits in a legal way from companies that are solely dedicated to creating these tools," Stefano De Blasi, threat researcher at Digital Shadows, told ZDNet. 

"However, when these tools are developed by cyber criminals outside of the law, it is likely easier to identify clientele from the cyber-criminal world; there is, however, only a handful of cyber-criminal actors who could afford the cost of a zero-day exploit."

These kinds of vulnerabilities can cost millions of dollars, but that's a price that could be affordable for a successful ransomware group, which makes millions from every successful ransomware attack – and they could easily make back what they spend if the vulnerability works as intended by providing a reliable means of infiltrating networks.

But there's another method of making money from vulnerabilities being explored, and it's one that could place them into the hands of less sophisticated cyber criminals – something known as 'exploit-as-a-service'. 

Instead of selling the vulnerability outright, the cyber criminal who discovered it can lease it out to others. This approach potentially makes money quicker than if they went through the complex process of a sale, and they could continue to make money from it for a long time. They also have the option of eventually selling the zero day if they tire of leasing it. 

"This model enables zero-day developers to generate substantial earnings by renting the zero day out while waiting for a definitive buyer. Additionally, with this model, renting parties could test the proposed zero day and later decide whether to purchase the exploit on an exclusive or non-exclusive basis," said the report. 

Selling to government-backed hacking groups is still the preferred option for some zero-day developers for now, but a growing interest in exploits like this on underground forums indicates how some cyber-criminal groups are approaching the level of state-backed operations. 

"The rise of the exploit-as-a-service business model confirms that the cyber-criminal environment is consistently growing both in terms of sophistication and professionalization. Some high-profile criminal groups can now compete in terms of technical skills with state-sponsored actors; many prominent ransomware groups in particular have now amassed enough financial resources to purchase zero days advertised in illicit environments," De Blasi explained. 

The nature of zero-day vulnerabilities means defending networks against them is a difficult task, but cybersecurity practices like applying critical security updates as soon as they're released can stop cyber criminals having a lengthy window to take advantage of vulnerabilities. Organisations should also have a plan for what to do if they discover they've been breached. 

"Well drilled and documented incident response strategies can be crucial in responding to any attacker that may have gained access to a target's environment," said De Blasi.
