Threat Actor Seeking Private 0-Day – 1 Million Deposited in a Popular Cybercrime Marketplace

A threat actor (TA) using the name “integra” has deposited 26.99 Bitcoins on one of the cybercrime forums. The TA claims that the deposit has been made to purchase zero-day exploits from any forum member.

Refer to Figure 1 to check the TA’s post in the forum. 

The TA joined the forum in September 2012 and appears to have gained a high reputation over time. The TA has also held accounts on another cybercrime forum since October 2012.

Refer to Figure 2 to see the TA’s profile on the cybercrime forum. 

The TA is willing to buy the following with the deposited money:
 

1. Buy the best Remote Access Trojan (RAT) that has not yet been flagged as malicious by any security product.

2. Buy unused startup methods for Windows 10, such as living-off-the-land (LotL) malware and registry-hiding evasion techniques. The TA is willing to offer up to USD 150K for an original solution.

3. Buy zero-day exploits for remote code execution (RCE) and local privilege escalation (LPE). The TA has mentioned that the budget for this particular exploit is USD 3 million.
 

Zero-day vulnerabilities enable TAs to take advantage of security blind spots. The significant amount deposited in escrow to obtain these vulnerabilities and exploits shows how serious the TA is about putting them to use.
 
Organizations should apply all available security updates and conduct timely internal security audits, in addition to being prepared for such attacks in the future.

About Cyble: 

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the Darkweb. Its prime focus is to provide organizations with real-time visibility to their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Start-ups To Watch In 2020. Headquartered in Alpharetta, Georgia and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com.    
