The price of this exploit on the black market could make someone rich

Mar 15, 2012 08:07 GMT  ·  By

The sum of $1,435 (1,076 EUR) is being offered to any programmer who can develop a fully working exploit for the recently patched Windows Remote Desktop Protocol (RDP) vulnerability.

When the patch was released, Microsoft said it expected a working exploit to appear within the following 30 days. It urged everyone to apply the update as soon as possible and also published a one-click temporary workaround (a Fix it that turns on Network Level Authentication).

However, cybercriminals know that many users will fail to update their Windows systems in time, which is why they are rushing to get a working exploit.

Security journalist Brian Krebs came across a web site called gun.io, where software developers hire other programmers for their knowledge and skills. Here he found a wanted ad for an RDP exploit for which the client offered the sum of $1,435 (1,076 EUR).

“I'd like to see a working exploit for CVE-2012-0002 (the new RDP hole) as a Metasploit module,” a user named Rich wrote.

But gun.io lets anyone contribute money to any posted job, so the bounty may be raised at any time.

On the other hand, gun.io is a legitimate, publicly accessible site where nothing shady goes on, which makes one wonder what such an exploit would cost on the black market.

Krebs believes the price for such a tool could be much higher on an underground forum, or even from a legitimate vulnerability-purchasing program such as TippingPoint's.

In any case, an exploit can be expected to appear and be used at any time. Customers should therefore make sure their Windows systems are updated, and where deploying the patch is not as simple as pressing a button, they should at least enable Network Level Authentication (NLA). NLA forces the client to authenticate before an RDP session is set up, so the vulnerable pre-authentication code path can only be reached by an attacker who already holds valid credentials.
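The following PowerShell script is an added example, not part of the original article or of Microsoft's Fix it, showing how an administrator would audit a single host for the two mitigations the article recommends (the MS12-020 update and NLA) and turn on NLA where the patch is missing. It assumes an elevated PowerShell session, the default RDP listener name RDP-Tcp, and that KB2621440 is the MS12-020 update number for CVE-2012-0002 on the target OS; check that number against the bulletin for your Windows version.

```powershell
# Added example (not from the original article): audit and enforce the NLA
# workaround for CVE-2012-0002 on one Windows host.
# Assumptions: elevated session; default listener 'RDP-Tcp'; KB2621440 is the
# MS12-020 update for this CVE on the target OS (verify against the bulletin).

$tsKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$listener = "$tsKey\WinStations\RDP-Tcp"
$patchKB  = 'KB2621440'

function Get-RdpExposure {
    # Collects the facts that decide whether this host is still exposed:
    # is RDP listening, is the patch installed, and is NLA required.
    $ts  = Get-ItemProperty -Path $tsKey
    $rdp = Get-ItemProperty -Path $listener

    [pscustomobject]@{
        RdpEnabled     = ($ts.fDenyTSConnections -eq 0)
        NlaRequired    = ($rdp.UserAuthentication -eq 1)
        SecurityLayer  = $rdp.SecurityLayer   # 0 = RDP, 1 = Negotiate, 2 = TLS
        PatchInstalled = [bool](Get-HotFix -Id $patchKB -ErrorAction SilentlyContinue)
    }
}

function Enable-RdpNla {
    # Require NLA (CredSSP authentication before the session exists) and TLS.
    # These are the same registry values the "Require NLA" checkbox sets.
    Set-ItemProperty -Path $listener -Name 'UserAuthentication' -Value 1 -Type DWord
    Set-ItemProperty -Path $listener -Name 'SecurityLayer'      -Value 2 -Type DWord
}

$state = Get-RdpExposure
$state | Format-List

if (-not $state.RdpEnabled) {
    Write-Host 'RDP is disabled on this host; nothing to do.'
}
elseif ($state.PatchInstalled) {
    Write-Host "$patchKB is installed; NLA is still recommended but not required for this CVE."
}
elseif ($state.NlaRequired) {
    Write-Warning 'Unpatched, but NLA is already required. Install the MS12-020 update.'
}
else {
    Write-Warning 'RDP is listening, unpatched, and NLA is off: enabling NLA now.'
    Enable-RdpNla
    Write-Warning 'NLA enabled. Clients without CredSSP support will no longer connect.'
}
```

Two caveats a practitioner would want: enabling NLA is only possible on Windows Vista, Windows 7, Windows Server 2008 and Server 2008 R2 (Windows XP and Server 2003 cannot require NLA on the server side, so for those the patch is the only fix), and NLA assumes the attacker has no valid credentials, so it is a stopgap rather than a replacement for the update.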