Hackers use compromised websites to infect iOS and other operating systems

Despite all the efforts companies make to improve the security of their devices, someone is always finding new vulnerabilities. This time, a group of advanced hackers managed to infect iOS, Android and Windows devices through compromised websites.

As reported by Ars Technica, the attackers used malicious websites to exploit the security flaws and gain access to sensitive parts of the operating system. Members of Project Zero, a Google team that searches for security vulnerabilities on various platforms, said these hackers found 11 zero-day vulnerabilities.

The attacks exploiting these flaws started in February 2020 and lasted until October 2020. Malicious code was injected into the web page via an iframe that pointed to exploit servers. Researchers point out that one of the servers focused on attacking iOS and Windows users, while the other responded to Android devices.

In October 2020, we discovered that the actor of the February 2020 campaign came back with the following version of their campaign: a few dozen sites redirecting to an exploit server. After we started analyzing, we discovered links to a second-use server on the same site. After the initial fingerprint (apparently based on the origin of the IP address and the user agent), an iframe was injected into the website referring to one of the two exploit servers.
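As an added example (not code from Project Zero or the original article), a site owner can audit served pages for the injection pattern described above: an iframe that points at a third-party server. The allow-list, hostnames and sample page below are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: hosts this site intentionally embeds (constructed values).
ALLOWED_FRAME_HOSTS = {"news.example", "player.video.example"}

def _is_hidden(a):
    """True for frames sized or styled so a visitor never sees them."""
    style = a.get("style", "").replace(" ", "").lower()
    tiny = a.get("width", "").strip() in {"0", "1"} or a.get("height", "").strip() in {"0", "1"}
    return tiny or "display:none" in style or "visibility:hidden" in style

class IframeAuditor(HTMLParser):
    """Collect every <iframe> whose source resolves to a host outside the allow-list."""
    def __init__(self, page_url, allowed_hosts):
        super().__init__()
        self.page_url = page_url
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":          # HTMLParser lowercases tag and attribute names
            return
        a = {k: (v or "") for k, v in attrs}
        # Resolve relative and protocol-relative sources against the page URL.
        src = urljoin(self.page_url, a.get("src", "").strip())
        host = (urlparse(src).hostname or "").lower()
        if host and host not in self.allowed:
            self.findings.append({"host": host, "src": src, "hidden": _is_hidden(a)})

def audit_page(html, page_url, allowed_hosts=ALLOWED_FRAME_HOSTS):
    auditor = IframeAuditor(page_url, allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample: two expected frames, two that were never approved.
SAMPLE_PAGE = """
<html><body>
<iframe src="/widgets/weather.html"></iframe>
<iframe src="https://player.video.example/embed/42" width="640" height="360"></iframe>
<iframe src="//cdn-stats.invalid/f.html" width="1" height="1" style="display: none"></iframe>
<IFRAME SRC="https://ads.partner.invalid/slot"></IFRAME>
</body></html>
"""

if __name__ == "__main__":
    for f in audit_page(SAMPLE_PAGE, "https://news.example/story"):
        print(("HIDDEN " if f["hidden"] else "VISIBLE ") + f["src"])
```

Because the injection described above was only served after fingerprinting the visitor, a single fetch from one network location can miss it; run the audit on responses captured from several client profiles.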

For those unfamiliar with the term, a zero-day is basically a newly found vulnerability for which the developers do not yet have a fix. The report states that the hackers know what they are doing, because they were able to bypass the security systems of ‘well-reinforced operating systems and programs that have been fully patched’.

In another sign of how experienced the hackers are with zero-day exploitation, they were able to quickly reopen the hole after Google updated the Chrome engine with a fix. In other words, even users running the latest version of the app or operating system are still susceptible to infection when accessing a website.

While it’s important to keep the software on your devices up to date to avoid security issues, users should be careful about opening websites or programs that they do not fully trust. More information about this exploit can be found on the Project Zero blog.
