Security News > 2021 > October > Zerodium wants zero-day exploits for Windows VPN clients

In a short tweet today, exploit broker Zerodium said that it is looking to acquire zero-day exploits for vulnerabilities in three popular virtual private network service providers on the market.
Zerodium's current interest is in vulnerabilities affecting Windows clients for NordVPN, ExpressVPN, and SurfShark VPN services.
BleepingComputer reached out to the three VPN service providers for comment on Zerodium's announcement but did not receive a reply at publishing time.
The reason behind the exploit broker's announcement remains undisclosed but one motive could be that government customers need a way to identify cybercriminal activity hiding behind VPN services.
A more recent example is from the National Security Agency this year, who warned that Russian hackers launched brute-force attacks against Kubernetes servers with their origin concealed through TOR and VPN services, among them Surfshark and NordVPN. The company says that its business is guided by ethics and selects customers based on strict criteria and vetting processes; and that only a small number of government clients have access to acquired zero-day research.
Earlier this year Zerodium announced a temporary payout increase for Chrome exploits.
News URL
Related news
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- ⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017 (source)
- New Windows zero-day exploited by 11 state hacking groups since 2017 (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)