
Why not? I have a security background. I see nothing wrong with that statement. Although what he actually said was:

"Initially I imagined I was targeted by a 0day or rootkit"

which actually does not make sense, because it implies he thinks those two things are fungible. He's obviously not a security expert, but he's also obviously not totally technically incompetent.




It's quite unlikely someone would risk burning a viable 0day without either going wide (and then we would've heard from a few more people) or going after a well outlined target that would be guaranteed to be worth more than the 0day itself.


The person in question is very wealthy. I know at one point his portfolio was 9 figures. That may have been at the peak of the bull market but I imagine path is still very rich. Is it worth a 0day, still not sure.


I guess my prior based on the way this guy was talking was that he probably had at least 6-7 figures in crypto stolen, which is worth it for a mid tier 0day. Especially if you think it's unlikely to actually get burnt.


To explain your comment a bit: It should be 0 day AND a rootkit, not OR. Plus the rootkit is not always needed or possible.

Also the people talking about “burning zero days”… every time you use an exploit (ignoring the exact meaning of 0 days) it doesn’t become burned by the first person. The hacker could use it on hundreds of people before it’s discovered and patched by whatever software it targets. That could take months.


It can certainly be "or": rootkits can come from your machine's supply chain, and lie mostly dormant for many months or years before activation. Rootkits can get installed after a non-zero-day-entrypoint vector e.g. simply tricking the user into running downloaded malware. etc.


If you have a security background then you know that 0days go for 6-7 figures and it's unlikely somebody would burn one of those on some random dude.

Way to make yourself feel important. It's not that you made some terrible choices yourself, like using a known-insecure password manager SaaS, or putting real money into crypto. Nono, somebody pulled a 0day on me, what can ya do? Shrugs



