Friday, January 15, 17:11

Google: Revealed sophisticated attack on Windows and Android users

Google published a report describing in detail a complex hacking campaign that it identified in early 2020 and that targeted both Windows and Android users.


According to the company, the attacks were carried out through two exploit servers, which delivered different exploit chains via watering hole attacks (in which attackers plant malware on the sites a company uses the most).

"One server was targeting Windows users and the other Android," said Google's security team, Project Zero.

The researchers said both exploit servers used Google Chrome vulnerabilities to gain initial access to the victims' devices. After the initial foothold in the user's browser, the attackers used an OS-level exploit to gain more control over the victims' devices.

The exploit chains combined zero-day vulnerabilities (previously unknown flaws) and n-day vulnerabilities (flaws for which a patch exists but which hackers continue to exploit).

Google said the exploit servers contained:

  • Four "renderer" bugs in Google Chrome (one of which was a zero-day when it was discovered).
  • Two sandbox escape exploits that abused three zero-day vulnerabilities in the Windows operating system.
  • And one "privilege escalation kit" that consisted of well-known n-day exploits for older versions of Android.

Here are the four zero-day vulnerabilities used:

  • CVE-2020-6418: Chrome vulnerability in TurboFan (fixed in February 2020)
  • CVE-2020-0938: Vulnerability in Windows (fixed in April 2020)
  • CVE-2020-1020: Vulnerability in Windows (fixed in April 2020)
  • CVE-2020-1027: Windows CSRSS vulnerability (fixed in April 2020)

Google said the researchers did not find evidence of Android zero-day exploits hosted on the exploit servers. However, it believes the attackers probably also had access to Android zero-days, which were probably not hosted there when the campaign was discovered.


Google: Exploit chains were sophisticated and well designed

Google described the exploit chains as "designed for efficiency and flexibility".

"It is well-designed, complex code with a variety of innovative exploitation methods, sophisticated and calculated post-exploitation techniques and large numbers of controls to be detected," said Google.

Google also published reports detailing a Chrome "infinity bug" used in the attacks, the Chrome exploit chains, the Android exploit chains, post-exploitation steps on Android devices and the Windows exploit chains.

This information can help other security companies identify similar attacks against their customers.

Source: ZDNet

