Windows zero-day being auctioned off to the highest bidder

Even though they don’t represent the majority of cyberattacks, there’s something particularly menacing about zero-days.

These attacks represent the uncertainty about Internet security. You may be doing everything right and still get attacked through a vulnerability that isn’t publicly known yet. The attacker holds all the power, and can either report the flaw to the vendor or use it for himself or herself.

Or, if they’re feeling particularly devious, they could put it up for sale.

Up for bid

SpiderLabs reports a Russian website has posted an advertisement for a Windows local privilege escalation zero-day. This attack is said to work on any version of Windows from 2000 on and can allow a user to take actions as an administrator.

The winning bid will come with instructions on how to conduct the attack and a proof of concept, SpiderLabs reports. The hacker even goes so far as to specify he or she will not accept a slice of proceeds from an attack in lieu of up-front payment. (“Respect your and my time,” the ad says.)

Bidding starts at $95,000 U.S.

Staying safe

There’s really no defense to prevent zero-days. That’s what makes these attacks particularly devious. But there are some general security rules worth noting.

  1. Update as quickly as possible. Zero-days aren’t fixed by updating, but waiting too long to update after fixes are released leaves you just as vulnerable as a zero-day would.
  2. Scan for unusual activity. Catching an attack quickly is the second best thing to never being breached in the first place.
  3. Stress security to users. These attacks don’t usually happen without user interaction. Make sure your people know the basics of staying safe from social engineering and phishing attacks to prevent a single incident from spreading to your entire system.

 
