1. Home
  2. >>
  3. zero
  4. >>
  5. New zero-day attacks: how Google protects users

New zero-day attacks: how Google protects users

New zero-day attacks: how Google protects users

As we have reported several times, the attacks zero-daythat is, those attacks that exploit vulnerability still not known to developers, they have seen an exponential increase in the course of 2021, and the situation does not promise to improve this year.

Google, through his Threat Analysis Group (TAG) identified in the course of 2021 9 vulnerabilitiesand after analyzing the top four last year, he now looks at the other five, and the shares he has put in place to counter them. These vulnerabilities, which concern

have been exploited in three different campaigns attacks, mostly developed by for-profit entities and sold and used by actors supported by various governmentsbased (at least) in Egypt, Armenia, Greece, Madagascar, Ivory Coast, Serbia, Spain and Indonesia.

But how are they been exploited the vulnerabilities? Practically Google found that all attack campaigns sent, to target users Android (journalists but not only), links imitate the URL shortening services. If clicked, the link redirected to a domain that it injected malware before redirecting your browser to a legitimate website. The malware in question was ALIENwhich loaded an Android rig called PREDATORwhich sent a series of commands such as audio recording, adding CA certificates (certification authorities, which guarantee the safety of web traffic) e hiding app.

In the article, really interesting, Google claims to have discovered and promptly activated measures against these attacks, and the case of the Spainrecently hit the headlines for the so-called Catalan Gate.