CyberNews Briefs

Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web

Security researchers have identified screenshots of a transaction between an unknown customer and Intellexa, a spyware company, in which the buyer paid €8 million to obtain access to a full-service zero-day remote control execution exploit. The transaction shows the zero-day exploit referred to as Nova Suite to the unknown buyer. The bill is dated July 14, and Nova Suite promises many capabilities and turnkey infections for both Android and iOS devices. The paperwork references an outdate iOS version 15.4.1 from March, however, it is not apparent how many devices are still vulnerable to the exploit.

During the sale Intellexa also allegedly promised that the malware is easily deliverable and only requires one click on behalf of the target. the malware uses the browser to inject the payload onto Android and iOS devices. The purchase price also got the buyer data analysis, a description of 100 other infections, and a one year warranty. The transactions could have serious implications for targets of the malicious software.

Read More: Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.