Image Source: Tech Target
Topics: Computer Science, Cryptography, Cybersecurity, Spyware
Spyware vendors are exploiting zero days and known vulnerabilities in Android, iOS, and Chrome, sparking an increase in “dangerous hacking tools,” warned Google’s Threat Analysis Group.
In a blog post on Wednesday, Clement Lecigne, a security engineer at Google, detailed two recent campaigns that TAG discovered to be “both limited and highly targeted.” The campaigns leveraged zero-day exploits alongside known vulnerabilities, or N days, against unpatched devices on widely used platforms.
In addition to emphasizing an ongoing patching problem, Google said the threat activity showed just how prevalent spyware vendors have become and the dangers they present, especially when wielding zero days.
“These campaigns are a reminder that the commercial spyware industry continues to thrive,” Lecigne wrote in the blog post.
TAG currently tracks more than 30 commercial surveillance vendors that sell exploits or spyware programs to various governments and nation-state threat groups. While Google acknowledged spyware use might be legal under national or international laws, such tools have historically been used against targets such as government officials, journalists, political dissidents, and human rights activists. For example, in 2018, NSO Group’s Pegasus spyware was linked to the death of journalist Jamal Khashoggi, who was killed by Saudi government agents in 2018 after being surveilled and tracked via his mobile phone.
While spyware has been used to track high-value targets in the past, Lecigne warned vendors that access to zero days and N days poses an even broader threat.
“Even smaller surveillance vendors have access to 0-days, and vendors stockpiling and using 0-day vulnerabilities in secret pose a severe risk to the internet,” Lecigne wrote. “These campaigns may also indicate that exploits and techniques are being shared between surveillance vendors, enabling the proliferation of dangerous hacking tools.”
Google: Spyware vendors exploiting iOS, Android zero days, Arielle Waldman, Tech Target News Writer