Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web
Documents appear to show that Israeli spyware company Intellexa sold a full suite of services around a zero-day affecting both Android and iOS ecosystems.
1 Min Read
Source: NicoElNino via Alamy
Last month, an unknown customer appears to have shelled out around €8 million for a full-service zero-day remote control execution (RCE) exploit.
Screenshots shared of the zero-day exploit bill of sale are dated July 14 and show that Intellexa, a spyware company, sold a product it called Nova Suite to an unknown buyer. It promised turnkey infections for Android, as well as iOS devices. The paperwork references iOS version 15.4.1 from March, but it's unclear how many devices remain vulnerable.
Intellexa also promised the malware is delivered with just one click and uses the browser to inject the Android and iOS payload to mobile devices. The purchase price also includes data analysis, a "magazine" of 100 other infections, and even a full year's warranty.
About the Author
You May Also Like
More Insights
Webinars
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024
