In a recent article about Hacking Team, we mentioned how this collective recently became the target of a hack themselves. More and more details regarding their activity is surfacing on a daily basis, and apparently selling exploits to Hacker Team can be done via email. Even though the person involved demanded a wire transfer payment for the entire sum, he could’ve used Bitcoin as well.
Saying that the world of hacking and exploits if a lucrative business would be quite the understatement. A Russian hacker sold one of his zero-day vulnerabilities to Hacking Team a while ago for the sum of US$45,000. All it took was an email conversation and the exchange of bank details in order to receive the funds. Plus, he got a nice invoice as well to make everything look more legitimate.
Even though the seller of these exploits remains anonymous – despite using the name Vitally Toropov – at this time, he is called “Tovis” by the mainstream media. Tovis offered six ready-to-delivery exploits to Hacking Team, which could be used for all major computer operating systems. Eventually, the decision was made by Hacking Team to purchase just one Adobe Flash exploit.
After a few emails being shot back and forth between Tovis and Hacking Team member Gianni Russo, a deal was reached to conclude the sale of this Adobe Flash exploit. The sum of US$45,000 would be paid in three parts, all of which would be sent via wire transfer.A slightly odd choice, considering how easy it is to follow the money around when it is transferred between bank accounts.
What makes this deal very strange is the fact that Hacking Team drafted an invoice for the sale and payments of this exploit provided by Tovis. Contrary to popular belief, even zero-day exploiters need to provide legal paperwork for their “freelance work” it seems. However, the recent Hacking Team hack unveiled the Italian team has been buying and selling zero-day vulnerabilities from and to various parties.
A major misconception by mainstream media is the fact that Bitcoin is a favorite payment method used by hackers and exploiters all over the world because of its anonymity. That being said, Bitcoin is not anonymous, but only pseudonymous, and therefor not a great payment option for such a black market transaction.
Bitcoin is a powerful tool to send money to anyone else in the world in a matter of mere seconds, but it is traceable through the blockchain. And people who prefer to stay anonymous will open up a bank account in a fake name, and use it as a money mule before transferring funds further down the rabbit hole.
What are your thoughts on this story? Let us know in the comments below!
Source: Ars Technica
Images courtesy of Shutterstock
1 Hova Villas Brighton & Hove
BN3 3DH United Kingdom
All rights reserved by Bitcoinist Ltd. | 2016.