Home Tech & Gadgets World governments and paid hackers, the main source of newly discovered Android...

World governments and paid hackers, the main source of newly discovered Android exploits


In case anyone was wondering, most of the newly discovered software vulnerabilities and malware used to attack computer systems are being developed by law enforcement agencies and with the funding of governments fighting in the online space.

According to information provided by Google Threat Analysis Group (TAG), a security company in Northern Macedonia called Cytrox has sold no less than four zero-day vulnerabilities discovered in the Chrome browser to groups of hackers known to be affiliated with actors. state. The list is also supplemented by a vulnerability that directly affects the Android system, facilitating the direct attack of the phones used by the designated “targets”.

The exact amounts paid are not known, but we find out that the respective groups of hackers have carried out numerous attacks in countries other than their home countries.

Read:  Google announces the biggest change to its search engine yet

The purchases were incorporated into an invasive spyware application called “Predator”. Equipped with other functions for infiltration and information collection, the software has thus become a very powerful tool, made available to groups of hackers funded by state actors.

“We are confident that these exploits have been packaged by a single commercial surveillance company, Cytrox, and sold to various government-backed actors who have used them in at least three of the campaigns discussed below,” Google Threat researchers said. Analysis Group (TAG) explained in a blog post.

Also, that Cytrox would have assisted its own customers in exploiting vulnerabilities for which patches were already available, in the idea that the selected targets did not have updated devices. We can assume that in this case, the tariffs charged were slightly lower.

Read:  Unexpected discovery made in the stomach of a cramping patient

Hackers who bought Cytrox services and spyware were all over the world – Greece, Serbia, Egypt, Armenia, Spain, Indonesia, Madagascar and the Ivory Coast, according to Google TAG researchers.

But by far the most worrying thing is that most of the zero-day vulnerabilities discovered in the last year have been funded by private companies such as Cytrox, which have made this business a very profitable business.

Previous articleBosch invests in autonomous cars: what the Germans are preparing
Next articleShip2B Ventures invests in a digital cancer therapy platform