Due to high demand on the market, we're increasing payouts for top-tier mobile exploits. In the scope:
— iOS RCE/LPE/SBX/full chain — From $200,000 up to $20,000,000 (twenty millions).
— Android RCE/LPE/SBX/full chain — The same.
As always, the end user is a non-NATO country.
We are looking for the following iOS
#0day
exploits:
— iOS 16 Full Chain / $2,000,000
— iOS 16 Safari LPE / $500,000
— iOS 16 PAC Bypass / $100,000
Submit your zero-day:
We would also like to see your submissions on these targets:
— SonicWall NGFW RCE — Up to $200,000
— FortiGate NGFW RCE — Up to $200,000
— MS Word RCE — Up to $150,000
The prices depend on limitations of exploits. Submit details via the form:
In search of:
— Chrome RCE w/o SBX — Up to $500,000
The zero-day exploit should work on latest Android and tailored at least to Samsung S23/24. Submit details via the form:
We are urgently looking for the following
#0day
exploits:
— iOS 16/17 RCE Full Chain / $2,500,000
— Android RCE Full Chain / $2,500,000
— E-mail client and server RCE (Microsoft Exchange, Outlook, Thunderbird, etc) / $150,000
Submit your zero-day:
By increasing the premium and providing competitive plans and bonuses for contract works, we encourage the developer teams to work with our platform.
Reach us via e-mail to figure out how to maximize the net profit of your team.
Also, we look for:
— macOS kernel LPE — Up to $300,000
— macOS non-kernel LPE — Up to $100,000
Zero-day exploits should work on macOS 13/14 running on Apple silicon M1 and M2 chips. Submit details via the form:
In search of:
— Mikrotik router RCE — Up to $150,000
Zero-day exploits should be applicable to Ethernet or Wireless routers. More broad range of devices such as switches would be a plus which may increase the total payout. Submit details via the form:
Great price, guys, but that's nothing.
According to high market demand, we are increasing our payouts for
#Chrome
#exploits
:
- Chrome RCE + SBX / $1,200,000
- Chrome RCE / $500,000
- Chrome SBX / $500,000
We're (temporarily) doubling our bounty for Chrome chains (RCE+SBX) to $1,000,000.
Payouts for a standalone RCE or SBX
#0day
exploit increased to $400,000.
- [$1,000,000] Chrome RCE + SBX
- [$400,000] Chrome RCE only
- [$400,000] Chrome SBX only
We are looking for a Mozilla Firefox RCE 0day. The exploit should work on Windows desktop and be 100% reliable.
- Firefox RCE / $250,000
Contact us via email: contact
@opzero
.ru
We are looking for a Chrome RCE w/o SBX that can be adjusted for different platforms: Android, iOS, Windows.
— Chrome RCE / $500,000
Submit your zero-day:
Continuing the previous post, we're also looking for
#0days
:
— Server-side No Authentication RCE (SSL VPN appliances, CRMs, e-commerce, etc) / up to $100,000
— Microsoft Office RCE / depending on the quality of the exploit
Submit your zero-day:
We are seeking for the following
#0day
#exploits
:
- Chrome full-chain (RCE + SBX escape + Windows LPE) / From $600,000
- Windows LPE / From $100,000
- VMware pre-auth RCE / Depending on the vulnerable target
Of course, we are buying zero-days for other targets too.
We will be sponsoring PHDays 12, one of the largest information security conferences in Russia that will be held on May 19-20, 2023 in Moscow. Don't miss the chance to meet us in person and ask your questions.
@BratvaCorp
Not correct. Actually buying zero-days for more than 2 years already. You can try to sell by yourself if you got a high quality exploit for a popular software.