Posts

Showing posts from December 13, 2018

Why would an attacker ever want to sit on a zero-day exploit?

I am trying to understand why an attacker would want to wait to use a zero-day exploit.

I have read that an attacker does not want to waste the zero-day because they are typically very expensive to obtain in the first place, but it is not clear to me what is meant by “waste” here. Zero-days can be discovered by the community (e.g. security researchers) which would render it useless. In this sense, the zero-day has been wasted by the inaction of the attacker. Is there a risk with using the zero-day exploit too soon? It seems that an attacker would want to minimize the chances of the zero-day being discovered, and thus use it as quickly as possible.

Question: What factors would cause the attacker to wait to use a zero-day exploit?