High Demand for Signal App Exploits

The Signal secure messaging application is one of the hottest targets by exploit brokers. Likely to facilitate espionage efforts (particularly against Ukraine), OpZero a Russian company, offered $1.5 million for a remote code execution (RCE) exploit against Signal. The offer by OpZero triples the $500k offer set by US information security company, Zerodium. OpZero's operations have been questioned by security experts given the company’s relatively new status with an apparent large financial portfolio. From reviewing OpZero's online presence, they've been an active Twitter user since July 2021, with their website only recently being indexed by Google in October 2022. Although the company doesn't reveal its customer-based, they admit to working with “Russian private and government organizations.”