Uncovering the market in vulnerability exploits
It won't come as any surprise that there's a thriving market among threat actors for the latest vulnerability exploits. A new report from Flashpoint lifts the lid on this world and reveals the exact vulnerability exploits that were listed for sale, purchased, and/or traded in the first half of 2023.
One of the most expensive was a remote code execution exploit for Adobe Commerce -- the eCommerce platform formerly known as Magneto -- which was listed for sale at $30,000. A Citrix ShareFile exploit was priced at $25,000.
A Windows privilege escalation exploit listed for $8,000 as an executable and $13,000 as source code, while a Barracuda emails security exploit was $15,000.
What's also interesting is that some of these vulnerabilities aren't new, in many cases they've been around for a while. The Magneto exploit for example was first disclosed in February 2022. Indeed all of the exploits listed for sale are known to have had patches issued, but evidently threat actors are banking on the fact that organizations are slow to update their systems.
Exploits traded include those for Draytek/Vigor routers, VMware, Foxit PDF readers and the Linux kernel. Clearly attackers are not just interested in the obvious targets although Windows and Microsoft Exchange still feature.
You can get the full report with details of the exploits traded in the first half of this year from the Flashpoint site.