Google uncovers complicated hack that used four zero-day exploits

Posted on Thursday, Jan 14 2021 @ 12:45 CET by Thomas De Maesschalck
Google logo
Security researchers from Google discovered a sophisticated attack that involved the use of numerous exploits to install malware on Windows and Android-based devices. Windows users were targeted by four zero-day exploits in Windows and Chrome, which means these vulnerabilities were not known to Google or Microsoft. The Android attacks did not exploit zero-day vulnerabilities but Google suspects the attackers also had zero-day Android exploits at their disposal. Targets of interest were infected by compromising websites frequented by the targets. Google isn't pointing any fingers but notes the attack was carried out by a "highly sophisticated actor."
“These exploit chains are designed for efficiency & flexibility through their modularity,” a researcher with Google’s Project Zero exploit research team wrote. “They are well-engineered, complex code with a variety of novel exploitation methods, mature logging, sophisticated and calculated post-exploitation techniques, and high volumes of anti-analysis and targeting checks. We believe that teams of experts have designed and developed these exploit chains.”
Further details can be read at ARS Technica.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments