A threat actor that goes online with the name “integra” has deposited 26.99 Bitcoins on one of the cybercrime forums with the intent to purchase zero-day Exploits from other forum members, researchers from threat intelligence firm Cyble.
According to the experts, the member “integra” has joined the cybercrime forum in September 2012 and has gained a high reputation over the course of time. The threat actor is also a member of another cybercrime forum since October 2012.
The threat actor aims at buying malware with zero detection,
The TA is willing to buy the following things with the deposited money zero-day exploits for RCE and LPE, in the latter case the member is offering up to $3 Million.
“The TA is willing to buy the following things with the deposited money.” states Cyble.
The significant amount deposited as an escrow by the threat actor is concerning, the circumstance suggests that the threat actor is going to use the exploits for attacks or to resell them.
“Organizations should patch all known security updates and conduct timely internal Security Audits, in addition to being prepared for such attacks in the future.” concludes Cyble.
(SecurityAffairs – hacking, cybercrime)