WabiSabiLabi founder arrested, in custody of Italian authorities

Share this article:
Italian authorities are holding the founder of WabiSabiLabi, an eBay-like online marketplace for buying and selling zero-day vulnerabilities.

However, the arrest of Roberto Preatoni, reportedly on charges related to a well-publicized Italian spying scandal, has not affected the organization's day-to-day operations, according to a statement released by the Switzerland-based group.

WabiSabiLabi confirmed in the statement that Preatoni had been arrested, but said it could not comment on the case. According to press reports, Preatoni has become involved in a corporate spy scandal along with a group of penetration-testing employees at his former company.

“From newspaper reports, we presume the arrest relates to events in 2003-04 -- when his former company was hired by Telecom Italia's security division to safeguard Italia's interests -- and are unrelated to WabiSabiLabi in any way,” the organization said Thursday in a statement. “Roberto Preatoni is well known for his terrific contribution to information security and civil liberty [sic] and we are confident that his innocence will be established if a case ever comes to court.”

WabiSabiLabi was launched in July and functions as an online exchange for zero-day flaws. Submitted vulnerabilities are vetted by the organization's laboratory before proceeding to auction. WabiSabiLabi gets 10 percent of each sale.

Buyers and sellers must also send the company a copy of their identification, be reachable on a landline, provide an identifiable bank account. and sign an agreement that, if violated, could result in a lawsuit, Preatoni told SCMagazineUS.com in July.

Alex Eckelberry, Sunbelt Software president and CEO, said on his company's blog today that he doubts Preatoni is guilty, saying, “This is not some malicious hacker. He's a security professional. He's also been a staunch advocate of civil liberties in the post-9/11 world.”

“I find Preatoni's alleged guilt quite hard to believe. Preatoni might have been controversial at times, but I find it more than highly unlikely that he would have used his skills to hack illegally,” he said. “The problem is that there is not an abundance of technology know-how in jurisprudence, and one can only hope that he gets treated fairly. The Italian press is probably going to sensationalize this story, which certainly isn't going to help matters.”

Share this article:

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.