New research into the market for exploits on the Dark Web reveals that 61% of exploits sold target Microsoft products including Windows OS, Office, RDP and Internet Explorer.
The research presented by Trend Micro at the RSA 2021 Conference this week is the result of a year-long study of 600 dark web forums and markets where criminals buy and sell vulnerabilities and malware.
When it comes to the vulnerabilities that criminals are requesting on the underground market, half of requests are for Microsoft vulnerabilities compared to just 5% of requests being of IoT related products.
According to the research presented by Mayra Rosario Fuentes from Trend Micro, 61% of exploits sold target Microsoft products and they break down as follows:
- 52% of exploits target Word or Excel
- 24% of exploits target the Windows OS
- 16% of exploits target Internet Explorer
- 8% of exploits target RDP
The overwhelming bias towards Word and Excel based vulnerabilities is a clue as to the way criminals are targeting their victims i.e. through email attachments that contain malware. Knowing this, savvy security managers can implement controls to defend against this attack vector; especially email scanning to stop the malware at the network edge and Security Awareness training to equip staff with the tools to identify suspicious emails.