This has been happening for years, especially in the "botnet community". Either someone takes down someone else's botnet through the same bug and patches it or figures out a bug in the botnet and caps it for themselves (for example, getting ops in the CNC channel). I think Microsoft has even done in cooperation this a few times; it's dubious legal territory.
You can see some historical examples, both recent (Mirai had some viruses that went around closing the bug), as well as further in the past (there's one that escapes me, it must have been around 2010?)
I wish I could cite more, I'm going to spend some time researching this and make a list for myself, it's surprisingly interesting!
You can see some historical examples, both recent (Mirai had some viruses that went around closing the bug), as well as further in the past (there's one that escapes me, it must have been around 2010?)
I wish I could cite more, I'm going to spend some time researching this and make a list for myself, it's surprisingly interesting!