How a Hacker Made $45,000 Selling 0Day Exploits to Hacking Team

/ 1 year ago


We previously reported that Italian spyware company, Hacking Team, has been hacked and had 400 GB of data publicly released via torrent websites. Well, Arstechnica reportedly found how easy it was doing business with the latter company by digging through their emails.

It seems that a Russian hacker approached the Hacking Team in 2013 with a few 0day bugs he found on Windows, OS X and iOS operating systems, with price ranges of $30,000 to $45,000. The company apparently was not interested in the latter, but it did show interest in another exploit offered by the hacker, namely the “Adobe Flash Player 9.x/10.x/11.x with the RCE exploit for the current Flash Player 11.9.x for Windows 32/64-bit and OS X 64-bit”.

The correspondence even revealed how the money was transferred to the hacker. According to the findings, the hacker received the money via bank wire transfer in three instalments, one of $20,000 in October 2013, the other of $15,000 in November 2013 and the last one of $10,000 in December 2013. There has not been any evidence of the hacker and the company doing any business up until 2015, when the Russian hacker received another $35,000 in his bank account in Moscow.


Arstechnica also approached the hacker and surprisingly, he explained that such transactions are very common between companies such as Hacking Team and freelance hackers. He stated that such transactions are “routine sales like with ZDI, VCP, pentesters and other legal 0day buyers”. I don’t know about you, but this information is as exciting as it is scary. So what are your thoughts on this?

Thank you arstechnica for providing us with this information

Topics: , , , , , , , , , , , , , ,