Categories: Technology

Wealthy cybercriminals are using zero-day hacks more than ever

[ad_1]

“Ransomware groups have been able to recruit new talent and to use the resources from their ransomware operations and from the insane amounts of revenue they’re pulling in in order to focus on what was once the domain of state-sponsored [hacking] groups,” says James Sadowski, a researcher with Mandiant.

Zero-days are typically bought and sold in the shadows, but what we do know shows just how much money is at play. A recent MIT Technology Review report detailed how an American firm sold a powerful iPhone zero-day for $1.3 million. Zerodium, a zero-day vendor, has a standing offer to pay $2.5 million for any zero-day that gives the hacker control of an Android device. Zerodium then turns around and sells the exploit to another organization—perhaps an intelligence agency—at a significant markup. Governments are willing to pay that kind of money because zero-days can be an instant trump card in the global game of espionage, potentially worth more than the millions an agency might spend.

But they’re clearly worth a lot to criminals too. One particularly aggressive and adept ransomware group, known by the code name UNC2447, exploited a zero-day vulnerability in SonicWall, a virtual private network tool used in major corporations around the world. After the hackers gained access, they used ransomware and then pressured victims to pay by threatening to tell the media about the hacks or sell the firms’ data on the dark web.

Maybe the most famous ransomware group of recent history is Darkside, the hackers who caused the shutdown of the Colonial Pipeline and ultimately a fuel shortage for the eastern United States. Sadowski says they too exploited at least one zero-day during their short but intense period of activity. Soon after becoming world famous and attracting all the unwanted law enforcement attention that comes with fame, Darkside shuttered, but since then the group may simply have rebranded.

For a hacker, the next best thing after a zero-day might be a one- or two-day vulnerability—a security hole that has been recently discovered but has not yet been fixed by that hacker’s potential targets around the world. Cybercriminals are making rapid advances in that race, too.

Cybercrime groups “are picking up state-sponsored threat actors’ zero-days at a quicker pace,” says Adam Meyers, senior vice president of intelligence at the security firm Crowdstrike. The criminals observe the zero-days being used and then sprint to co-opt the tools for their own purposes before most cyber-defenders know what’s happening.

“They quickly figure out how to use it, and then they leverage it for continued operations,” says Meyers.

[ad_2]
Source link
Admin

Recent Posts

Kijangwin is the latest online video gaming provider

Kijangwin is your brand-new go-to destination for all things internet gaming. Whether you're an informal…

2 days ago

How to Style Trendy Clothes Effortlessly

Hey there, fashion enthusiasts! Are you ready to dive into the world of trendy clothes…

3 days ago

How to effectively recover your frozen/stolen funds from fraudulent platforms

Hey there! If you're reading this, there's a good chance you've found yourself in the…

3 days ago

Important things about Core 2 . 0 regarding Hemp Users

Hey there, hemp enthusiasts! If you've been on the hunt for the next big thing…

5 days ago

Exploring the Features and Benefits of Strio

Hey there! Have you ever found yourself tangled up in the world of communication and…

1 week ago

The Importance of Pre-Sale Pest Control: Ensuring a Smooth Home Transaction

Are you worried that hidden critters might derail your home sale? Selling a house can…

1 week ago