Several Russian companies in information security have received proposals for the sale of exploits using zero-day vulnerability (0day) in iOS and Android. Customers have called themselves representatives of the Chinese Association of it companies of ShenZhen Computer Users Association (SZCUA) in Russia. About it reports “Kommersant” with reference to sources in Russian companies.
According to the publication, in the SZCUA include large Chinese IT companies such as Kingdee International Software Group, China Greatwall Computer Shenzhen Co.
“We are interested in buying zero-day vulnerabilities. We are interested in os/cms/app/software/modems/office/browsers. At the moment, especially interesting IE/modem/Android/iOS. The price depends on the product. When the first transaction price threshold does not exceed $100 000 (price negotiable). Payment in three stages, the first to receive the product, the second upon receipt and appropriate checks and third — after two to three months to make sure that the exploit was not made public,” said one of the messages Nevsky, the correspondence which appeared in a publication.
As suggested by the co-founder of the hacker conference Steelcon Robin wood, who also received a letter from SZCUA, the Association passes the state exploits to hacker teams or sells them on the black market in China.
He also noted that SZCUA “well versed in the subject.” Wood tested it, by sending an Association already published the exploit. “They told me that this is not a 0day. They contacted me several times over the last 18 months, and it’s not just some group that appeared and will disappear after a few weeks,” — said the source publication.
At the same time in the SZCUA the newspaper reported that “the Association does not conduct a business and never did such things.”