Report: Russia’s Expocod starts trading in software flaws like bourse

MOSCOW, Jun 1 (PRIME) -- A team of former Russian hackers and developers has launched a bourse-like firm Expocod to trade in vulnerabilities in popular software products with prices of some flaws reaching U.S. $500,000, business daily Kommersant reported Wednesday on its Web site.

Expocod is ready to pay $55,000 for an exploit, a program using software vulnerability to attack a calculating system, in Adobe Flash, while flaws in various browsers can be sold on the floor for $35,000–60,000.

The firm will resell the purchased vulnerabilities to state entities and companies engaged in information security. Sources told the daily Expocod could sell information also to special services.

Expocod’s founder Andrei Shorokhov said he had worked in financial intelligence in the department of financial investigation of the Federal Financial Monitoring Service, where he specialized in high technological crimes, among others.

“I’m the only owner of Expocod and the project’s final beneficiary. There are no secret investors; I’m the only one to invest in the project’s development,” Shorokhov said.

The company’s turnover from deals with exploits will amount to 100–120 million rubles until the end of the year, and payments will be done with banking transfers or bitcoins, the businessman said.

“We keep the right to choose to whom and what to sell. It’s a matter of ethics and reputation. Of course, we won’t sell exploits to fighters for independence in Somalia or North Korea or similar regimes, and to the rest why not,” he said.

(65.9962 rubles – U.S. $1)

End