An international black market has emerged in “zero-day” computer threats, with government agencies reportedly among the customers of shadowy pseudonymous exploit brokers.
Forbes Magazine reports that the prices paid for previously undiscovered exploits range from between $5,000 and $30,000 for an exploit in Adobe Reader, up to between $100,000 and $250,000 for Apple’s iOS.
A “zero-day threat” is a vulnerability that exists in a computer programme or system that has not been previously discovered by the developer or the general public.
A “zero-day exploit” is a piece of computer malware that takes advantage of such a zero-day threat to allow a hacker to gain access to a computer system they are not authorised to access, or to cause malicious damage to a system.
Andrew Sadauskas is a former journalist at SmartCompany and a former editor of TechCompany.
