Convicted hacker turned penetration tester Kevin Mitnick has fashioned a new line of business at his security consultancy — selling zero-day exploits for upwards of $100,000, according to a recent Naked Security bulletin.
Mitnick's Absolute Zero Day Exploit Exchange will develop zero-day exploits and procure them from developers in an effort to sell them to corporations and governments with budgets big enough to foot the bill.
Mitnick is quoted in a Wired interview as saying he wasn't aiming at aiding governments in spying on people, but the bulletin speculated as to whether Mitnick might count the National Security Agency among his customers.
The bulletin noted that the agency has drawn the scrutiny of the Electronic Frontier Foundation (EFF) and others for possibly “hoarding of zero days.” Mitnick did prison time for hacking into networks at companies like Motorola and IBM.