Security News > 2022 > October > Fake Microsoft Exchange ProxyNotShell exploits for sale on GitHub

Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities.

Last week, Vietnamese cybersecurity firm GTSC disclosed that some of their customers had been attacked using two new zero-day vulnerabilities in Microsoft Exchange.

To take advantage of this lull before the storm, a scammer has begun creating GitHub repositories where they attempt to sell fake proof-of-concept exploits for the Exchange CVE-2022-41040 and CVE-2022-41082 vulnerabilities.

Huntress Lab's John Hammond has been following these scammers, finding five now-removed accounts attempting to sell the phony exploits.

Another scam account found by Paulo Pacheco impersonated Kevin Beaumont, a well-known security researcher/professional who has been documenting the new Exchange vulnerabilities and available mitigations.

These vulnerabilities are worth far more than $400, with Zerodium offering at least $250,000 for Microsoft Exchange remote code execution zero days.

News URL

https://www.bleepingcomputer.com/news/security/fake-microsoft-exchange-proxynotshell-exploits-for-sale-on-github/