From January 2023 to September 2024, Kaspersky Digital Footprint Intelligence experts discovered 547 ads for the sale of exploit tools. The ads were posted on various dark web forums and anonymous channels on the Telegram app...
About half of these listings target zero-day and one-day exploits. However, the underground market is rife with scams, so it's hard to verify whether the tools being sold are actually usable.
Additionally, Kaspersky also recorded the average price of buying and selling exploits for remote attacks as high as $100,000.
Exploit is a tool that cybercriminals use to exploit software vulnerabilities, such as Microsoft software, to perform illegal acts such as unauthorized access or data theft.
More than half of dark web postings (51%) offered to sell or buy exploits targeting zero-day or one-day vulnerabilities.
Zero-day exploits target vulnerabilities that have not been discovered and fixed by the software vendor, while one-day exploits target vulnerabilities that have been discovered and fixed, but the system does not have the patch update installed.
“Cybercriminals can use exploits to steal corporate information or spy on an organization without being detected to achieve their goals,” said Anna Pavlovskaya, senior analyst at Kaspersky Digital Footprint Intelligence. “However, some exploits sold on the dark web may be fake or incomplete, and do not work as advertised. Furthermore, the majority of transactions take place underground. These two factors make it extremely difficult to assess the true size of this market.”
The dark web marketplace offers a wide variety of exploits, the two most common of which are Remote Code Execution (RCE) and Local Privilege Escalation (LPE) tools.
According to an analysis of more than 20 ads, the average price of an exploit targeting RCE is around $100,000, while LPE exploits typically cost around $60,000.
Exploits targeting RCE vulnerabilities are considered more dangerous because attackers can take control of part or all of the system or access secure data.
KIM THANH
Source: https://www.sggp.org.vn/mot-nua-cong-cu-exploit-rao-ban-tren-web-den-nham-vao-lo-hong-zero-day-chua-duoc-khac-phuc-post763208.html
![[Photo] Prime Minister Pham Minh Chinh receives Governor of Gunma Prefecture (Japan) and Special Advisor to the Japan-Vietnam Friendship Parliamentary Alliance](/_next/image?url=https%3A%2F%2Fvphoto.vietnam.vn%2Fthumb%2F1200x675%2Fvietnam%2Fresource%2FIMAGE%2F2025%2F11%2F25%2F1764066321008_dsc-1312-jpg.webp&w=3840&q=75)
![[Photo] Close-up of Ba Ha River Hydropower Plant operating to regulate water to downstream](/_next/image?url=https%3A%2F%2Fvphoto.vietnam.vn%2Fthumb%2F1200x675%2Fvietnam%2Fresource%2FIMAGE%2F2025%2F11%2F25%2F1764059721084_image-6486-jpg.webp&w=3840&q=75)
![[Infographic] Cross-exchange rates to determine taxable value from November 13-19](https://vphoto.vietnam.vn/thumb/402x226/vietnam/resource/IMAGE/2025/11/13/1762998368820_screen-shot-2025-11-13-at-08365320251113083702.png)
Comment (0)