Search engine giant Google claimed on Monday that hackers from the Russian government are exploiting complex flaws that are closely related to those used by notorious spyware producers Intellexa and NSO Group.
Russia’s APT29 has been observed using exploits that are either identical or strikingly similar to those used by NSO Group and Intellexa, according to researchers in the Google TAG (Threat Analysis Group).
This unholy move by the Russian government suggests that state-backed actors and contentious surveillance software vendors may be purchasing tools from each other.
Google researchers claim that APT29 has run a number of in-the-wild exploit campaigns that stemmed from a watering hole attack on government websites in Mongolia.
The campaigns employed a Chrome exploit chain against Android users running versions from m121 to m123 after first delivering an iOS WebKit exploit that affected iOS versions older than 16.6.1.
Google TAG said: “These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices,” adding that the attackers used exploits that were strikingly similar to, or identical to, those previously used by NSO Group and Intellexa in each iteration of the watering hole campaigns.