Contents:
OpZero, a new exploit broker company based in Petersburg, Russia, tripled Zerodium’s offer for an eventual Signal RCE zero-day exploit.
The reward went up from $500,000 to #1,500,000 and made cybersecurity researchers wonder how and why it is possible for a newcomer on the market to be able to offer such an amount of money.
Who’S Buying Zero-Day Exploits for the Signal Messaging App?
OpZero, founded by Sergey Zelenyuk, started its activity on Twitter in July 2021 and had its site indexed by Google as recently as October 2022. According to their own website, OpZero’s services address security professionals and provide technologies for both offensive and defensive operations.
Zelenyuk raised awareness in 2018, after revealing a zero-day vulnerability in one of Oracle’s software before the company had the chance to launch a patch.
What OpZero is actually doing is buying exploits from hackers, be they white or black-hatted, and selling them further to interested companies and the government, namely, exclusively Russian ones. Theoretically, for good reasons.
Russia is moving forward and is unstoppable. West did nothing when civils of Donetsk and Luhanks were bombed last 8 years. Now watch how we defend our people. #UkraineRussiaWar
— Sergey Zelenyuk (@srgsrgsrg111) February 28, 2022
Cybersecurity specialists find the $1,500,000 payout is a bit disproportional for a company as fresh on the market as OpZero, who couldn’t possibly have that kind of money.
Zelenyuk agrees, however, he also states that the initially low funds are not a problem. The plan is to ask the customer to cover the costs. This statement only strengthens the supposition that the customer was already identified and is wealthy enough to offer the $1,500,000.
Why Offer Three Times the Price for a Zero-Day Exploit?
Signal is currently considered one of the safest messaging and voice apps in the world right now and is intensively used by the Ukrainian Army for communication.
As Sergey Zelenyuk, founder of OpZero, is considered one of the pro-Kremlin voices in Russia, cybersecurity specialist Irina Tsukerman thinks that in the context of Russia losing the war with Ukraine:
There’s clear desperation and interest in penetrating the innermost Ukrainian communications, which goes beyond mere commercial interest. It’s more likely OpZero is a subsidiary of an intelligence agency which is specifically prioritizing this issue due to the poor military performance
Tsukerman is not the only one with this opinion, famous security researcher the Grugq presumes that raising three times the payout for one Signal zero-day exploit suggests not a „business as usual” message, but an intention to urge hackers to focus research in a certain direction.
There is no reason to offer significantly more money than your competitors for a capability unless you truly need to attract exploit developers.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.