Google Reveals Sophisticated Windows and Android Hacking Operation (zdnet.com)
Google published a six-part report this week detailing a sophisticated hacking operation that the company detected in early 2020 and which targeted owners of both Android and Windows devices. From a report: The attacks were carried out via two exploit servers delivering different exploit chains via watering hole attacks, Google said. "One server targeted Windows users, the other targeted Android," Project Zero, one of Google's security teams, said in the first of six blog posts. Google said that both exploit servers used Google Chrome vulnerabilities to gain an initial foothold on victim devices. Once an initial entry point was established in the user's browsers, attackers deployed an OS-level exploit to gain more control of the victim's devices. The exploit chains included a combination of both zero-day and n-day vulnerabilities, where zero-day refers to bugs unknown to the software makers, and n-day refers to bugs that have been patched but are still being exploited in the wild.
And what was their goal? (Score:5, Informative)
That would have been the interesting part of this ...
Re: (Score:2)
Sounds like a state actor, or their providers like NSO.
Re: (Score:3)
Money. Ransomware is a great business. Russia and the old bloc countries won’t extradite anyone for writing software.
Re: (Score:2)
Money. Ransomware is a great business. Russia and the old bloc countries won’t extradite anyone for writing software.
Put another way, Russia and many other countries won't extradite anyone to another country with which they do not have an extradition agreement in place.
Extradition agreements are generally two-way; if Americans want criminals in Russia to be extradited to the US, are Americans prepared to extradite US criminals to Russia? Put up or shut up.
Another interesting thought experiment. If China continues to get richer, in 20 years we may see American hackers injecting ransomware into Chinese companies to extort money,
Re: (Score:2)
That sure would be good to know.
The Google team went into great detail about the vulnerabilities and the details of the exploit chains. Then nothing about what the attackers did after they achieved persistence.
They also said it was a watering hole attack, but I see no mention of what kind of watering holes - who the targets were.
Given the level of detail about the exploits, I suspect that the reason there is no mention of the targets and what the bad did with the access is because that was a conscious deci
Thanks for being a friend (Score:2)
Thanks for being a friend And letting us know a year after the fact.
Chrome is the new IE in the bad ways! (Score:4, Insightful)
Chrome is the new IE in the bad ways!
Re: (Score:2, Flamebait)
Horseshit. The bad ways of IE had nothing to do with easily patched coding bugs. IE's security structure didn't exist and it employed an extension set which was actively insecure by design. Chrome is pretty much the opposite.
Chrome is the new IE in the way every software is the new IE, not in the "bad ways" but rather in the completely expected ways: it has bugs. If you want to pretend that there's any software out there which doesn't, then you have no business commenting on security.
Re: Chrome is the new IE in the bad ways! (Score:2)
It is technically correct, IE6 vulnerabilities were pretty nasty. The only thing that IE6 and Chrome have in common is that in their prime they were both big targets.
TBH this is C++ showing its age; the supply of these bugs for something as complex as a web browser is endless. Mozilla has the right idea of using a more modern language, which it also happens to have invented; the problem is it doesn't have funding.
It takes one to know one (Score:2)
Just sayin'
Just another reason (Score:3)
Not to use the spyware known as Google Chrome. With all its data siphoning, too many vectors exist which allow things like this to happen.
Link to actual blog post (Score:3, Informative)