Kelvin
March 24, 2026

The Exploit Kit Economy: How Cyber Weapons Move From Intelligence Agencies to GitHub

A zero-day exploit chain for every iPhone on the planet sold for $2.5 million last year. This week, someone uploaded one to GitHub for free.

$2,500,000. That is what vulnerability broker Zerodium will pay for a full iOS exploit chain with persistence, according to the price list published on its own website. Crowdfense, a competing broker based in the UAE, advertises up to $7 million for the same class of exploit. These are not leaked figures or dark-web estimates. They are listed on corporate websites, in English, next to terms of service and contact forms.

This week, an exploit kit called DarkSword appeared on GitHub. It targets iPhone Xs through iPhone 16 running iOS 18.4 through 18.6.2, and compromises the device through a manipulated webpage when a user visits it. Apple patched the underlying vulnerabilities in iOS 26.3.1 and iOS 18.7.6. The iVerify researchers who analyzed DarkSword described it as sophisticated enough to indicate state-level development resources. Someone spent millions building this tool. Someone else decided to post it for free.

The price delta between $2.5 million and zero is not a curiosity. It is the story.

The Price List

Zero-day exploits have a public market. Zerodium, founded in 2015 by former Vupen CEO Chaouki Bekrar, operates as an acquisition platform for vulnerability research. Its price list, updated periodically and available to anyone with a web browser, assigns dollar values to exploits by target and capability. At the top sits the iOS full chain with persistence: up to $2.5 million. An Android equivalent fetches up to $2.5 million as well. A WhatsApp remote code execution, with or without click, is worth up to $1.5 million.

Crowdfense, headquartered in Abu Dhabi, launched its Vulnerability Research Hub in 2023 with even higher advertised payouts. Its iOS zero-click chain ceiling stands at $7 million. These are acquisition prices, what brokers pay researchers. The prices that end customers pay are higher. Government intelligence agencies typically face a significant markup on the acquisition cost, depending on exclusivity terms and operational support.

The market is not new. Vupen, Zerodium's predecessor, began openly selling exploits to NATO-allied governments as early as 2012. What has changed is the scale. The annual global market for commercial spyware was valued at roughly $12 billion in 2023, according to estimates compiled by the Atlantic Council and other research organizations. Vulnerability acquisition is a small but critical slice of that total, the raw material that feeds the entire apparatus.

The Supply Chain

A zero-day exploit follows a supply chain as predictable as any manufactured product. It begins with a vulnerability researcher, often employed by a private firm, who discovers a flaw in a software target. The researcher or their employer sells the finding to a broker. The broker packages it into an operational tool, sometimes combining multiple exploits into a chain that escalates from initial access to full device control. The broker sells the finished product to a government client. The government deploys it against surveillance targets. Eventually, through patching, detection, leaking, or reverse engineering, the exploit becomes obsolete.

NSO Group, the Israeli firm behind the Pegasus spyware, employed approximately 750 people at its peak to discover and weaponize vulnerabilities. This was not a garage operation. NSO had offices in Herzliya, an HR department, employee stock options, and revenue that reportedly reached $250 million in its best years. The company structured its pricing around installation fees and per-device licensing, with leaked documents from 2016 showing that monitoring 10 smartphones cost $650,000 and 50 devices ran to 20.7 million euros annually. A single iPhone vulnerability might cost millions to develop, but the per-device revenue model meant it could generate returns many times over.

The RAND Corporation studied exploit lifecycles in 2017 and found that the average zero-day vulnerability survived 6.9 years before public disclosure. The annual rate of independent rediscovery was roughly 5.7 percent of a given stockpile, meaning most vulnerabilities stayed secret for years. But the operational window for a weaponized exploit was shorter, because each use increased the probability of detection. This creates the economic logic of the market: exploits are depreciating assets. Like options contracts, they lose value with time and expire upon detection.

The Buyers

The customer base for commercial exploit kits consists primarily of government intelligence and law enforcement agencies. Citizen Lab, the research group at the University of Toronto, identified at least 45 countries where Pegasus operators appeared to be conducting surveillance in a landmark 2018 report based on internet scans from 2016 to 2018. The buyers included democracies and authoritarian regimes alike: Mexico, Saudi Arabia, India, Hungary, Spain, the UAE, Morocco, Rwanda.

The market does not discriminate by regime type. A government's willingness to pay determines access. NSO Group claimed it sold only to vetted government clients and maintained a human rights review process, but Citizen Lab documented Pegasus deployments against journalists, opposition politicians, and human rights defenders across multiple countries. The tool was the same whether used by a European police force investigating organized crime or by an authoritarian intelligence service targeting a dissident's family.

The US Commerce Department added NSO Group and Candiru, another Israeli spyware vendor, to its Entity List in November 2021, restricting their access to American technology. The EU Parliament's PEGA Committee, which completed its investigation in 2023, found that at least four EU member states, Spain, Hungary, Greece, and Poland, had acquired or deployed Pegasus-type surveillance tools. The committee's recommendations for regulation remain largely unimplemented.

The institutional appetite for these tools has not diminished. What has changed is the supply side.

When Kits Leak

Exploit kits have leaked before, and each leak followed the same pattern: the tool degraded from exclusive weapon to commodity threat, the original vendor faced exposure and legal consequences, and the global threat landscape permanently expanded.

In July 2015, the Italian surveillance firm Hacking Team suffered a catastrophic breach. Attackers published 400 gigabytes of internal data, including source code for its Remote Control System (RCS) spyware, client lists, invoices, and internal emails. The client list confirmed sales to Sudan, Ethiopia, Saudi Arabia, and other governments with poor human rights records. Hacking Team's business never fully recovered.

The Shadow Brokers began leaking NSA hacking tools in August 2016 and continued through April 2017. The most consequential release included EternalBlue, an exploit targeting a vulnerability in Microsoft's SMB protocol. Within weeks of the April 2017 leak, EternalBlue was incorporated into the WannaCry ransomware attack. WannaCry hit over 200,000 systems across 150 countries in a single weekend. The UK's National Health Service lost access to patient records. Total global losses from WannaCry reached an estimated $4 billion. Weeks later, the NotPetya attack, also built on EternalBlue, struck FedEx subsidiary TNT Express with $300 million in first-quarter damages alone, eventually reaching $400 million.

In March 2017, WikiLeaks published Vault 7, exposing CIA hacking tools and techniques. In 2023, leaked documents exposed Intellexa's Predator spyware operations, leading to US Treasury sanctions against Intellexa consortium entities in March 2024. Each disclosure followed the same arc: secrets became public, exclusive tools became available, and the barrier to malicious use dropped.

DarkSword on the Open Market

DarkSword fits this pattern but pushes it further. Previous leaks required sifting through data dumps, adapting source code, and building operational infrastructure. DarkSword appeared on GitHub, the world's largest code hosting platform, owned by Microsoft, with over 100 million registered developers. The distribution channel could not be more accessible.

The exploit kit targets iPhone Xs through iPhone 16 running iOS versions 18.4 through 18.6.2. It operates as a browser-based attack chain: the target must visit a compromised or malicious webpage, at which point the exploit executes without further interaction. iVerify's analysis described six chained vulnerabilities, including Safari JIT flaws, a GPU sandbox escape, and kernel privilege escalation, pointing to development resources typically available only to state intelligence programs or large commercial spyware firms.

Apple's active iPhone install base exceeded 1.5 billion devices globally as of early 2026. Not all run vulnerable versions, and Apple moved to patch the vulnerabilities in iOS 26.3.1 and iOS 18.7.6. iVerify estimated that approximately 221 million devices, roughly 14 percent of the active iPhone population, were running vulnerable iOS versions at the time of the leak. For older devices that cannot run the latest iOS at all, no patch will ever arrive.

The economic calculus changed overnight. A tool worth millions on the broker market became free. The customer base expanded from a handful of government agencies to anyone with the technical competence to deploy it.

The Economics of Depreciation

Zero-day exploits are the most perishable assets in technology. Their value peaks at the moment of discovery and declines with every use, because each deployment increases the chance a target, a security vendor, or the software maker will detect and patch the underlying flaw. The RAND Corporation study found that a stockpile loses roughly 5.7 percent of its zero-days to independent rediscovery each year, but the practical operational window was far shorter due to detection risk.

DarkSword's appearance on GitHub represents a total write-off. Whoever developed the exploit chain invested millions in researcher hours, testing infrastructure, and operational packaging. Whoever purchased it paid a premium for exclusivity. The GitHub upload destroyed that exclusivity and the tool's remaining commercial value in an instant.

But the threat potential moved in the opposite direction. When an exploit is exclusive, it is used surgically against dozens or hundreds of high-value targets. When it becomes public, it can be deployed against millions. The EternalBlue precedent is instructive: the same tool that the NSA used for targeted intelligence collection became, within weeks of leaking, the engine of the most destructive ransomware attack in history.

Why would anyone leak such a valuable asset? The possibilities map onto a small set of economic and strategic rationales. A burned asset, already detected by Apple and about to be patched, has negative value to its owner because it signals capabilities without delivering results. Leaking it inflicts maximum reputational damage on the vendor and the buyers. Alternatively, the leaker may have been a disgruntled insider, a geopolitical adversary seeking to neutralize a rival's surveillance capability, or a researcher who obtained the code and chose disclosure over profit. The motive remains unknown. The economic outcome is clear.

The Bug Bounty Gap

Apple launched its Security Bounty program publicly in December 2019, having operated an invitation-only version since 2016. The maximum payout for a full iOS exploit chain with kernel persistence and bypass of all mitigations is $2 million. Google's Vulnerability Reward Program, the longest-running major bounty program, has paid out over $50 million since inception, with individual Android exploit chain rewards reaching $1.5 million.

These are significant sums. They are also less than what brokers pay. The gap between Apple's $2 million ceiling and Zerodium's $2.5 million floor, or Crowdfense's $7 million ceiling, is the engine that keeps the offensive market running. A researcher who discovers a full iOS zero-click chain faces a rational economic choice: report it to Apple for up to $2 million (with tax implications, public disclosure policies, and months of processing) or sell it to a broker for $2.5 to $7 million (with anonymity, faster payment, and no usage restrictions).

In May 2020, Zerodium's founder publicly announced a temporary pause in iOS exploit acquisitions, citing an oversupply. Even the zero-day market has inventory cycles. The announcement signaled that the volume of iOS exploit research had reached a point where brokers had more supply than their government clients could absorb. The pause was temporary. Prices recalibrated, and acquisition resumed.

Bug bounty programs have not closed the gap because they cannot. Apple would need to outbid every government intelligence agency in the world simultaneously. The structural incentive points toward offensive use, and it will continue to do so as long as nation-states treat surveillance capability as a budget priority.

What Comes After the Leak

The Shadow Brokers leak provides the closest template for what happens when a state-grade exploit becomes public. EternalBlue appeared in April 2017. By May, WannaCry had hit 150 countries. By June, NotPetya caused an estimated $10 billion in damage, much of it concentrated in Ukraine but spreading globally through multinational supply chains. The timeline from leak to mass exploitation was measured in weeks, not months.

DarkSword targets a substantial device base: over 1.5 billion active iPhones worldwide, with iVerify estimating roughly 221 million running vulnerable iOS versions at the time of disclosure. Apple's update infrastructure is among the fastest in the industry, with roughly two-thirds of all active iPhones running the latest major version within five months of release. But the window between disclosure and universal patching remains large enough to exploit at scale.

The critical variable is not whether criminal actors will attempt to weaponize DarkSword for mass exploitation. The EternalBlue precedent answers that question. The variable is whether Apple's update infrastructure can push adoption fast enough to narrow the window, and what happens to the hundreds of millions of older devices that will never receive the patch.

The market that produced DarkSword has not stopped operating. Zerodium's price list is still online. Crowdfense is still buying. Somewhere, a team of vulnerability researchers is working on the next iOS exploit chain, and a broker is ready to price it. The economic logic that created DarkSword will create its successor. The only question the market cannot answer is when it will leak.

Sources:
  • Zerodium, zero-day acquisition price list, zerodium.com/program.html
  • Crowdfense, Vulnerability Research Hub pricing and press releases, crowdfense.com
  • RAND Corporation, "Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits," Lillian Ablon and Andy Bogart, 2017
  • Citizen Lab, University of Toronto, "Hide and Seek: Tracking NSO Group's Pegasus Spyware to Operations in 45 Countries," September 2018
  • European Parliament PEGA Committee, final report on the use of Pegasus and equivalent surveillance spyware, 2023
  • US Commerce Department Bureau of Industry and Security, Entity List additions for NSO Group and Candiru, November 2021
  • US Treasury OFAC, sanctions on Intellexa consortium entities, March 2024
  • Apple, Security Bounty program terms and maximum payouts, security.apple.com
  • Google, Vulnerability Reward Program statistics, security.googleblog.com
  • iVerify, "Inside DarkSword: A New iOS Exploit Kit Delivered Via Compromised Legitimate Websites," March 2026
  • TechCrunch, reporting on DarkSword and iVerify findings, March 2026
  • New York Times, reporting on NSO Group pricing documents
  • Reuters, reporting on NSO Group corporate structure and workforce
  • FedEx SEC filings, NotPetya impact disclosures, fiscal year 2018
  • Europol, WannaCry impact assessment, May 2017
  • Cyence, WannaCry economic loss modeling

This article was AI-assisted and fact-checked for accuracy.