A Hacker Is Selling Dangerous Windows Exploit, Making All Versions Of OS Hackable

In turn, this has resulted in an increased number of attacks on personal computers, enterprises, and financial institutions. These days, if a hacker is good at creating malware and exploits, he/she can make it a profession and provide services to others with low risk.

A similar case has popped up on a Russian cybercrime website. A hacker who goes by the name BuggiCorp is offering a Windows zero-day vulnerability that affects all versions of the operating system.

This listing was discovered by the security firm Trustawave, who found that the hacker was selling the exploit for $95,000. The advertisement was recently updated with a new price of $90,000.

The security firm says that while the price of exploit seems a lot, criminals are likely to make an investment due to possible high returns. 

The zero day being sold deals with Local Systems Privilege escalation

While the usual zero day exploits deal with Remote Code Execution, this zero day bug deals with a Local Systems Privilege escalation. Compared to other types of coveted malware, the privilege escalation could be used to launch any type of attack.

As expected, BuggiCorp wants the payment in Bitcoin. In his advertisements, he makes clear that the exploit works on all versions of Windows, which means that it may affect more than 1.5 billion Windows users.

He also promises to sell the exploit to a single person along with a fully-functional demo, complete exploit code, a Microsoft Visual Studio project file, and free updates for future versions of Windows.

Trustwave has notified Microsoft’s security team regarding the zero day bug and we expect some quick action.

Did you find this article interesting? Don’t forget to drop your feedback in the comments section below.

Also Read: Windows Security Flaws Could Be Avoided By Just Removing Admin Rights