viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
Hackers used 4 zero-days to infect Windows and Android devices
Technology

Hackers used 4 zero-days to infect Windows and Android devices

13/01/2021

Stylized image of rows of padlocks.

Google researchers have detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices.

Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers (both companies have since patched the security flaws). The hackers delivered the exploits through watering-hole attacks, which compromise sites frequented by the targets of interest and lace the sites with code that installs malware on visitors’ devices. The boobytrapped sites made use of two exploit servers, one for Windows users and the other for users of Android.

Not your average hackers

The use of zero-days and complex infrastructure isn’t in itself a sign of sophistication, but it does show above-average skill by a professional team of hackers. Combined with the robustness of the attack code—which chained together multiple exploits in an efficient manner—the campaign demonstrates it was carried out by a “highly sophisticated actor.”

“These exploit chains are designed for efficiency & flexibility through their modularity,” a researcher with Google’s Project Zero exploit research team wrote. “They are well-engineered, complex code with a variety of novel exploitation methods, mature logging, sophisticated and calculated post-exploitation techniques, and high volumes of anti-analysis and targeting checks. We believe that teams of experts have designed and developed these exploit chains.”

Advertisement

The modularity of the payloads, the interchangeable exploit chains, and the logging, targeting, and maturity of the operation also set the campaign apart, the researcher said.

The four zero-days exploited were:

  • CVE-2020-6418—Chrome Vulnerability in TurboFan (fixed February 2020)
  • CVE-2020-0938—Font Vulnerability on Windows (fixed April 2020)
  • CVE-2020-1020—Font Vulnerability on Windows (fixed April 2020)
  • CVE-2020-1027—Windows CSRSS Vulnerability (fixed April 2020)

The attackers obtained remote code execution by exploiting the Chrome zero-day and several recently patched Chrome vulnerabilities. All of the zero-days were used against Windows users. None of the attack chains targeting Android devices exploited zero-days, but the Project Zero researchers said it’s likely the attackers had Android zero-days at their disposal.

The diagram below provides a visual overview of the the campaign, which occurred in the first quarter of last year:

Google

In all, Project Zero published six installments detailing the exploits and post-exploit payloads the researchers found. Other parts outline a Chrome infinity bug, the Chrome exploits, the Android exploits, the post-Android exploitation payloads, and the Windows exploits.

The intention of the series is to assist the security community at large in more effectively combating complex malware operations. “We hope this blog post series provides others with an in-depth look at exploitation from a real-world, mature, and presumably well-resourced actor,” Project Zero researchers wrote.

Source link

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

App Annie: The biggest apps and games of 2019
No doubt you’ve heard of Facebook Messenger, the top non-game …

App Annie: The biggest apps and games of 2019

Europe’s funding for deep tech like AI and VR fell 13% in 2020
As European startups have tried to carve out a competitive …

Europe’s funding for deep tech like AI and VR fell 13% in 2020

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • LeanTaaS raises $40 million to optimize health clinic operations with AI
    Human API raises $20 million to standardize …
    28/10/2020
  • The future of esports is bigger, messier, and worldwide
    The future of esports is bigger, messier, …
    18/01/2020
  • Eve Online gets Zenith Quadrant update
    Eve Online gets Zenith Quadrant update
    14/07/2020
  • Researchers release data set of CT scans from coronavirus patients
    Medopad rebrands to Huma, makes acquisitions to …
    16/04/2020
  • Amazon researchers use AI to improve the recognition of curved text
    Amazon researchers use AI to improve the …
    26/12/2019

Popular Posts

  • Ars online IT roundtable Thursday: What’s the future of the data center?
    Ars online IT roundtable Thursday: What’s the …
    19/01/2021 0
  • Top 10 Crazy Ways To Get Free …
    21/12/2020 0
  • Chinese face-scanning firm CloudMinds rebrands U.S. unit after blacklisting
    Chinese face-scanning firm CloudMinds rebrands U.S. unit …
    21/12/2020 0
  • Real estate software and data analytics company RealPage to be acquired for $10.2 billion
    Real estate software and data analytics company …
    21/12/2020 0
  • Bolt raises $75 million to fight ecommerce fraud with machine learning
    Bolt raises $75 million to fight ecommerce …
    21/12/2020 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2021 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.I AgreePrivacy policy