
Skilled Hacker Develops, Sells Windows Zero-day Exploits to APT Groups

A hacker who goes by the name Volodya, and who is likely of Ukrainian origin, has been developing and selling zero-day exploits to state-sponsored threat groups and cyber-criminal gangs since 2015. Volodya is believed to have developed the exploit for CVE-2016-7255, a local privilege escalation flaw in the win32k component, which was used in attacks linked to the Russian threat group Fancy Bear (aka APT28, Sofacy, Sednit or Pawn Storm). The hacker also deals with financially motivated threat groups, and most recently created and sold an exploit for CVE-2019-0859, a memory corruption flaw in the Win32 component, which was patched in Microsoft's April 2019 Patch Tuesday.

