Google researchers detected two spyware campaigns that were using various zero-day exploits alongside n-day exploits to target Android, iOS, and Chrome.
The campaigns were found to be taking advantage of the time gap between the release of a zero-day bug fix and its deployment on end users' devices.
The first campaign targeted users by sending short links in text messages that led them to a website that delivered the exploit. The link would then redirect them to legitimate websites, such as a page to track shipments or a popular Malaysian website, to avoid detection.
The campaign was also found to be sharing the GPS location of devices while allowing attackers to install application archive files on iOS devices, Google’s Threat Analysis Group said in a blog post.
On Android, the campaign was found to target phones with an ARM GPU running Chrome and used Intent Redirection to deliver three exploit loads.
The second campaign, discovered by Amnesty International, contained a complete exploit chain consisting of multiple zero-day vulnerabilities targeting the latest versions of Samsung’s internet browser.
The campaign was found to be using a landing page identical to the one developed by commercial spyware vendor Variston to deliver exploits. These exploits were found to deliver a fully featured Android spyware suite that included libraries for decrypting and capturing data from various chat and browser applications.
The campaigns, bearing the hallmarks of state-sponsored campaigns, affected users in Italy, Malaysia, and Kazakhstan, while the second campaign was found to target users in the United Arab Emirates (UAE).
“Unscrupulous spyware companies pose a real danger to the privacy and security of everyone. We urge people to ensure they have the latest security updates on their devices,” said Donncha Ó Cearbhaill, Head of Amnesty International’s Security Lab.
In a step to address spyware, the U.S. President, on Monday, signed an executive order restricting the government’s use of commercial spyware technology that poses a threat to human rights.