Security Operations, Vulnerability Management, Government Regulations, Threat Intelligence

US sanctions zero-day exploit brokers linked to Russian intelligence

ZERO-DAY text and binary code concept from the desktop computer screen,ZERO-DAY vulnerability concept (also known as a 0-day)A zero-day vulnerability is a flaw in software or hardware.

(Adobe Stock)

The U.S. government announced sanctions on Tuesday against two companies and their founders that acquire and resell zero-day exploits. These vulnerabilities, unknown to software developers, can be abused for hacking and pose a threat to national security, foreign policy, and the economy, as reported by TechCrunch.

The sanctioned entities include Russia-based Operation Zero, which offered up to $20 million for zero-days in Android and iPhones, and its founder, Sergey Zelenyuk. The Treasury Department stated Operation Zero acquired and sold proprietary U.S. government cyber tools to unauthorized users. The sanctions also target Zelenyuk's assistant, Marina Evgenyevna Vasanovich, and associates Azizjon Makhmudovich Mamashoyev and Oleg Vyacheslavovich Kucherov. Kucherov is suspected of ties to the Trickbot ransomware gang.

Mamashoyev is allegedly the founder of Advance Security Solutions, another UAE-based zero-day broker also sanctioned, which had offered up to $20 million for exploits targeting smartphones. These actions coincide with an FBI investigation into Peter Williams, a former L3Harris employee who pleaded guilty to selling exploits to a Russian broker, now identified as Operation Zero.

Source: TechCrunch

Related

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Account HarvestingBrute ForceBuffer OverflowCountermeasureData CustodianData MiningDenial of ServiceDictionary AttackDisassemblyDomain Hijacking

You can skip this ad in 5 seconds