51% of Exploits Sold on Underground Forums Are for Microsoft Products

Security , Cybersecurity
22.07.2021 09:40 am

Cybercriminals sell found software vulnerabilities to each other, increasing their profits and causing more damage along the way.

According to the recent Atlas VPN team findings, 51% of exploits sold on underground cybercriminal forums are for Microsoft products. The constantly growing number of published vulnerabilities could mean that the impact of cyberattacks will increase as well.

Microsoft Office exploits made up 23% of all vulnerabilities sold on underground forums. Malicious Excel or Word files are sent out via phishing emails. Once the victim opens it, the file triggers malware which can steal login credentials, drop ransomware, or cryptocurrency miners.

Microsoft Windows exploits accounted for 12% of vulnerabilities sold on hacker forums. By purchasing Windows exploits, attackers can gain access to admin rights of your network or computer.

Microsoft Remote Desktop Protocol (RDP) exploits counted for 10% of all sales. Unauthorized attackers who take control of this vulnerability can use your computer as though they would be sitting in front of it.

Internet Explorer (IE) and Microsoft SharePoint each made up 3% of the vulnerabilities sold.

Cybersecurity writer and researcher at Atlas VPN William Sword shares his advice on how to protect against vulnerabilities:

“Once the flaw becomes public, companies patch it up and neutralize the risk. However, for vulnerabilities to become inefficient, it is essential to update your devices’ operating systems and software regularly. By adding an antivirus and a firewall to your devices and network, you would stop most vulnerabilities even if they were overlooked before.”

A growing number of vulnerabilities

As cyberattack volume has been increasing, many hackers started to search for new undetected vulnerabilities they could exploit.

The number of published software vulnerabilities in 2015 and 2016 were close to 6,500.

In 2017, published vulnerabilities doubled in numbers reaching new heights of 14,644. One of the most dangerous exploits this year was CVE-2017-0144, which affected the Windows operating system. Hackers used the vulnerability to deliver WannaCry, Petya/NotPetya ransomware, resulting in one of the most damaging ransomware outbreaks to date.

Last year, in 2020, a record-breaking 18,395 exploits were reported. Vulnerabilities increased by 26% from 2017.

In March 2020, another concerning vulnerability was published — CVE-2020-0796. This exploit could be abused in several ways, such as hackers launching a network-based attack, sending malware, or gaining privileges to the target’s system.

To read the full article, head over to:

https://atlasvpn.com/blog/51-of-exploits-sold-on-underground-forums-are-for-microsoft-products