You can smash Microsoft Windows for only $90,000. Maybe.
As has been widely reported, a hacker in Russia, with the handle BuggiCorp, has been peddling a “zero-day “vulnerability online that affects all Windows operating systems.
The bug enables users to gain access to the highest privileges of software processes, which means that a hacker could conceivably bypass security features, even those installed in the latest operating systems and releases. As noted on sites such as Krebs on Security and others, the bug was discovered by Trustwave, and then evidence of the bug being offered up for sale on the Russian underground hacking site popped up the same month. There were also two YouTube videos, ostensibly posted by BuggiCorp, which showed how zero day could be used to bypass the aforementioned security features. The reach is substantial, with the ability to affect more than 1.5 billion users.
BuggiCorp has said he wants to be paid in bitcoin, with the ability to establish an escrow account at the hacking forum. The buyer can be only one person, said the hacker, with the deliverables including, according to Softpedia, source code, a demo and any updates that might be warranted with new Microsoft releases. Softpedia said that some experts do not believe zero day is worth all that much, since it cannot actually be used to infect computers but simply can be used to gain and enhance access to computers (which then, in turn, can open the door to infectious activities).