Threat Watch

Google Discloses Hacking Campaign with Windows, Android Targets

Recently, as first reported by Bleeping Computer, Google’s Project Zero identified and revealed a hacking campaign used by a “highly sophisticated actor” which targeted Windows and Android users with zero-day and n-day exploits.  By uncovering two exploit servers used in watering hole attacks, Project Zero researchers were able to uncover several of the exploits used by these threat actors including:

  • Renderer exploits for 4 bugs in Chrome, with one bug being a zero-day.
  • 2 sandbox escape exploits abusing 3 Windows zero-days.
  • A privilege escalation kit used for older versions of Android.

All bugs have since received patches after Project Zero’s discovery.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

Since zero-days are fairly hard to anticipate, Binary Defense recommends employing a 24/7 SOC monitoring solution (like Binary Defense’s own Security Operations Task Force), as the zero-days may perform file/registry writes that produce alertable events.
https://www.bleepingcomputer.com/news/security/google-discloses-hacking-campaign-targeting-windows-android-users/

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support