Vulnerability acquisition platform Zerodium publication of various types of software and digital intrusion method price list-vulnerability warning-the black bar safety net

2015-11-24T00:00:00
ID MYHACK58:62201569329
Type myhack58
Reporter 佚名
Modified 2015-11-24T00:00:00

Description

! 1 1 May 1 8, Zerodium(0day brokers published a variety of from a network of criminals to buy and then resell to the needs of the target software and intrusion methods of the price list. Vulnerabilities platform released a price list Zerodium CEO Chaouki bekrar has said: “0day trading the first rule is to never publicly discuss price. But we still have to publish our price list!” Zerodium represents, for example, if through an Internet browser or the Safari browser to attack computers or to remote control a user's computer the highest you can get 5 0 0 0 0 dollars. But if the target is more difficult to break, like Google Chrome, the price would rise to 8 0 0 0 0 dollars. If the target is a Windows Phone device or Android system, then the price will be further increased to 1 0 0 0 0 0 dollars. So far on the list of highest price is the attacker via iOS attack to earn a 1 5 0 0 0 0 dollars. Look at the chart below, this table represents now the Black Market is a relatively full price: ! The company clearly bought the 0day vulnerabilities must only be Zerodium. To prevent software vendors release patches and sell them hack must not be resold to other people or to software vendors disclose vulnerabilities. They also will only pay on the list of those“must be exclusive, the former has never been reported loophole.” Can be in other words, Zerodium is also in its method of the user confidential. Because in Zerodium the FAQ page where their customers will have“government organizations need some specific, and tailored network security capabilities.” However, their customers need to pay annually at least 5 0 0 0 0 0 dollars to check its vulnerability. Zerodium in September, said: “iOS, like all of theoperating system, will be subject to some important security vulnerability, but due to the developers constantly improved, so iOS can be said to be currently the most secure mobileoperating system. But security has always been not unbreakable, it just means that the iOS team are currently the highest cost. So, here we million dollar iOS 9 vulnerability has a significant role.” 2 0 1 3 year government oversight website Muckrock had said the NSA is a Vupen client. There are a lot of people expressed dissatisfaction, such as Google's Justin Schul said bekrar has is“the ethical challenge of the opportunist”, a technology expert Chris Soghoian also said Vupen is a monopoly“network war bullets”of the“modern death quotient group”.