Security News > 2021 > October > Zerodium wants zero-day exploits for Windows VPN clients
In a short tweet today, exploit broker Zerodium said that it is looking to acquire zero-day exploits for vulnerabilities in three popular virtual private network service providers on the market.
Zerodium's current interest is in vulnerabilities affecting Windows clients for NordVPN, ExpressVPN, and SurfShark VPN services.
BleepingComputer reached out to the three VPN service providers for comment on Zerodium's announcement but did not receive a reply at publishing time.
The reason behind the exploit broker's announcement remains undisclosed but one motive could be that government customers need a way to identify cybercriminal activity hiding behind VPN services.
A more recent example is from the National Security Agency this year, who warned that Russian hackers launched brute-force attacks against Kubernetes servers with their origin concealed through TOR and VPN services, among them Surfshark and NordVPN. The company says that its business is guided by ethics and selects customers based on strict criteria and vetting processes; and that only a small number of government clients have access to acquired zero-day research.
Earlier this year Zerodium announced a temporary payout increase for Chrome exploits.
News URL
Related news
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
- New Windows Themes zero-day gets free, unofficial patches (source)
- Windows Themes zero-day bug exposes users to NTLM credential theft (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit (source)
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)
- China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer (source)