In November 2022, Google revealed the existence of a then-unknown spyware vendor called Variston. Now, Google researchers say they have seen hackers use Variston's tools in the United Arab Emirates.
"The actor using the exploit chain to target UAE users may be a customer or partner of Variston, or otherwise working closely with the spyware vendor," the blog post read.
Google: Hackers in UAE targeted with Spanish spyware - Global Village Space | Technology
Google also discovered hackers exploiting an iOS zero-day bug, patched in November, to remotely plant spyware on users' devices.
Google also observed hackers exploiting a chain of three Android bugs targeting devices running an ARM-based graphics chip, including one zero-day.
The discovery of these new hacking campaigns is a reminder that the commercial spyware industry continues to thrive, says Google. Even smaller surveillance vendors have access to zero-days, and vendors stockpiling and using zero-day vulnerabilities in secret pose a severe risk to the internet.
Spyware campaigns using zero-days found in Italy, Malaysia, Kazakhstan, UAE
One campaign targeted people in Italy, Malaysia and Kazakhstan, while the other operated in the United Arab Emirates (UAE), the researchers said.
Google called the campaigns "distinct, limited and highly targeted." The company did not specify the source of the spyware in either case, but said the incidents speak to the size of the marketplace for surveillance tools.
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack.
3CX is a VoIP IPBX software development company whose 3CX Phone System is used by more than 600,000 companies worldwide and has over 12 million daily users.
Bloomberg - Are you a robot?
Hackers used #spyware made in Spain to target users in the UAE, Google says https://t.co/t9YoWbuMMP TechCrunch (from San Francisco, CA) Wed Mar 29 21:25:33 +0000 2023
No comments:
Post a Comment