Zero-day exploit tools are designed to help hackers of the government break into all sorts of leading apps such as WhatsApp as well as Android and iOS phones. But just when you thought this was the ideal means of 'hacking' comes some very interesting news.
You can now delve into famous software present on both Chrome and Safari browsers as well as messaging platforms through such means but at a much higher cost than before. And it's not quite what regulators wish to hear for obvious reasons.
But wait, the pricing has soared to a new high, multiplying several folds in the past couple of years. And today, such tools come at a staggering cost of millions of dollars. The reason is simple, companies are making it harder for such tools to combat serious security barriers.
So at the end of the day, it’s getting much harder to actually do what the tool promises to do and that is hack various leading platforms.
We saw tech giant Crowdefense recently rolled out its new and improved pricing list featuring hacking tools. These rely on all kinds of unpatched vulnerabilities found in the software that aren’t even known by the software’s makers.
Plenty of firms other than Crowdefense and its leading competitor are said to have acquired the tools to resell them to other top companies.
In most instances, it’s the government firms or contractors that keep on mentioning how they require the tools for spying or for tracking those breaking the law.
Today, Crowdfense offers around $5 to $7 million for the tools to get into devices, setting up close to $5 million for Android, and $3 million for browsers like Chrome and even Safari. The same is true for leading apps like WhatsApp or iMessage.
Another price list was rolled out in the past where it mentioned how Crowdfense was giving out $3 million for all devices in return for zero-day exploits.
| Vulnerability Type | Price Range (USD) |
|---|---|
| SMS/MMS Full Chain Zero Click | upto 9 million |
| iOS Zero Click Full Chain | upto 7 million |
| Android Zero Click Full Chain | upto 5 million |
| WhatsApp Zero Click (RCE + LPE) | upto 5 million |
| iMessage Zero Click (RCE + LPE) | upto 5 million |
| iOS (RCE + SBX) | 3.5 million |
| Safari (RCE + LPE) | upto 3.5 million |
| Chrome (RCE + LPE) | upto 3 million |
| Safari (SBX) | upto 0.4 million |
| Chrome (SBX) | 0.2 million |
| Chrome (RCE w/o SBX) | 0.2 million |
| Safari (RCE w/o SBX) | 0.2 million |
The surge in pricing arrives when top tech giants such as Apple, Microsoft, and even Google are making it so much harder to enter devices through apps so in this manner, people stay more protected with time.
Year after year, it’s getting a little harder to exploit software on devices as companies do pay researchers to get the tools who then report them further to other organizations impacted with a simple goal. And that is to have the vulnerability fixed.
As more vulnerabilities continue to arise as we speak, intelligence agencies are putting in more effort toward ensuring how more platforms can improve and therefore adding greater security barriers.
So the effort that was once required by a hacker is now much greater, not to mention how much longer it would take for another sophisticated attack to arise.
Meanwhile, more studies are speaking about how it’s getting harder with each passing day for anyone to hack into a software or system. It’s hard to exploit a vulnerability, something that was unheard of in the past.
One security analyst by the name of David Manoucheri also added how targets arising from the likes of big names in the industry like Apple and Google really do realize that zero exploit tools are on the rise so they’re working effectively to combat them. This means saying hello to a trade that increases in complexity and transforms into something that is super time-consuming.
See, the little amendments that vendors are adding are actually working. It’s a big trade and something that goes above and beyond in regards to complexity. This is later on reflected in regards to greater costs.
We’ve got teams of researchers working hard, day and night, to crack the code in terms of how to enter the system. Prices keep soaring and the demand is there so it’s a never-ending vicious cycle.
The companies offering the greatest prices in public today are certainly those located right outside Russia. Russian prices might appear greater due to the current war carried out against Ukraine, not to mention the great number of sanctions that simply discourage and stop people from having relations with Russians.
So the tool is mighty, having multiple uses, and therefore as long as it gets the job done, people are willing to pay.
Read next: App Spending Soars to $288 Billion by 2030, 2.9 Trillion Downloads Expected
