Threat Actor: Unknown | Unknown
Victim: Chrome browser users | Chrome browser users
Price: $1,000,000
Exfiltrated Data Type: Not specified
Key Points :
- A threat actor is selling a 0day Sandbox Escape Remote Code Execution (RCE) vulnerability in the Chrome browser.
- The exploit works on versions 126.0.6478.126 and 126.0.6478.127 of the Chrome browser.
- The vulnerability has been tested on Windows operating systems, specifically versions 21H1 and 21H2.
The threat actor claims that the exploit can bypass the browser’s sandboxing mechanisms, potentially allowing attackers to execute arbitrary code on affected systems. Transactions for the exploit will be conducted with a middleman or guarantor to ensure security for both parties.
Source: Threat Actor Claims to Sell 0day Sandbox Escape RCE in Chrome Browser on Daily Dark Web.
A threat actor has surfaced, claiming to be selling a 0day Sandbox Escape Remote Code Execution (RCE) vulnerability in the Chrome browser. The exploit is said to work on versions 126.0.6478.126 and 126.0.6478.127 of the Chrome browser.
According to the threat actor, the vulnerability has been tested and confirmed to function on Windows operating systems, specifically versions 21H1 and 21H2. The asking price for this exploit is $1,000,000, payable in Monero (XMR) or Bitcoin (BTC).
The threat actor has indicated that transactions will be conducted with a middleman or guarantor to ensure security for both parties. This exploit poses a significant threat given its capability to bypass the browser’s sandboxing mechanisms, potentially allowing attackers to execute arbitrary code on affected systems.
The post Threat Actor Claims to Sell 0day Sandbox Escape RCE in Chrome Browser appeared first on Daily Dark Web.