SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    Hackers Used 4 Zero-Days to Infect Windows and Android Devices
Date    Saturday January 16 2021, @09:34AM
Author    Fnord666
Topic   
from the burned-a-lot-of-resources dept.
https://soylentnews.org/article.pl?sid=21/01/15/2017232

upstart writes in with an IRC submission:

Hackers used 4 zero-days to infect Windows and Android devices:

Google researchers have detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices.

Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers (both companies have since patched the security flaws). The hackers delivered the exploits through watering-hole attacks, which compromise sites frequented by the targets of interest and lace the sites with code that installs malware on visitors' devices. The boobytrapped sites made use of two exploit servers, one for Windows users and the other for users of Android.

[...] In all, Project Zero published six installments detailing the exploits and post-exploit payloads the researchers found. Other parts outline a Chrome infinity bug, the Chrome exploits, the Android exploits, the post-Android exploitation payloads, and the Windows exploits.


Original Submission

Links

  1. "upstart" - https://soylentnews.org/~upstart/
  2. "Hackers used 4 zero-days to infect Windows and Android devices" - https://arstechnica.com/information-technology/2021/01/hackers-used-4-0days-to-infect-windows-and-android-devices/
  3. "Chrome infinity bug" - https://googleprojectzero.blogspot.com/2021/01/in-wild-series-chrome-infinity-bug.html
  4. "Chrome exploits" - https://googleprojectzero.blogspot.com/2021/01/in-wild-series-chrome-exploits.html
  5. "Android exploits" - https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-exploits.html
  6. "post-Android exploitation payloads" - https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-post-exploitation.html
  7. "Windows exploits" - https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-post-exploitation.html
  8. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=46768

© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, Hackers Used 4 Zero-Days to Infect Windows and Android Devices on 2024-03-28 22:37:43