Mysterious Hacker Has Been Selling Windows 0-Days To APT Groups For Three Years

For the past three years, a mysterious hacker has been selling Windows zero-days to at least three cyber-espionage groups, as well as cyber-crime gangs, researchers from Kaspersky Lab have told ZDNet. From a report: The hacker’s activity reinforces recent assessments that some government-backed cyber-espionage groups — also known as APTs (advanced persistent threats) — will regularly buy zero-day exploits from third-party entities, besides developing their own in-house tools. APT groups believed to be operating out of Russia and the Middle East have often been spotted using zero-days developed by real-world companies that act as sellers of surveillance software and exploit brokers for government agencies. However, Kaspersky’s recent revelations show that APT groups won’t shy away from dipping their toes in the underground hacking scene to acquire exploits initially developed by lone hackers for cyber-crime groups, if ever necessary.