The Reality of the Cyber-Weaponized Zero-Day Market
Russian hacking tool broker Operation Zero has publicly offered up to $4 million (approximately 5.4 billion won) to hackers who discover vulnerabilities in the Telegram messenger, openly soliciting zero-day exploits. Operation Zero supplies zero-day hacking tools exclusively to the Russian government and corporations.

A zero-day vulnerability is a security hole unknown even to the software developer, allowing exploitation while no defensive patch is available.

Offered rewards: zero-click RCE full chain (complete device takeover without any user interaction), $4 million; one-click RCE full chain, $1.5 million; sandbox escape, $500,000.

Why Telegram is targeted: it has approximately 800 million users globally and is widely used by journalists, dissidents, activists, and politicians who believe it is secure, but its security model has critical gaps.

Telegram's security gaps: default conversations lack end-to-end encryption (E2EE); messages are stored on Telegram servers in decryptable form; only "Secret Chat" (manual, 1:1 only) provides true E2EE; group chats have no E2EE option. Johns Hopkins cryptographer Matthew Green: "Most Telegram conversations and all group chats lack end-to-end encryption; content is stored on Telegram servers."

The security paradox: Telegram's reputation as "secure" drives adoption by high-value targets (journalists, political figures, dissidents), making it more valuable as an intelligence target than apps like Signal that are genuinely secure but less widely used.

The $4M price point signals state-level demand: at this valuation, only nation-states are buyers. The public solicitation itself is unusual: Operation Zero is signaling to the hacker community that a lucrative, legitimate (in their jurisdiction) market exists for offensive capabilities, normalizing the cyber-weapons market and recruiting talent openly.


