The Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground
Published by Trend Micro
The cybercriminal underground is host to a vast market of zero-day and N-day exploits, where the price for an exploit is often dictated by how long it has been out (the newer, the more expensive) and whether a patch for the exploited vulnerability is forthcoming (zero-day) or has already been released (N-day). Over the past two calendar years, we scoured underground forums for N-day exploits to determine how long they stayed in the market. We also examined their life cycle to see whether malicious actors strictly favored newer exploits or also had uses for older ones.
Our two-year research provides insights into the life cycle of exploits, the types of exploit buyers and sellers, and the business models that are reshaping the underground exploit market.