World governments and paid hackers, the main source of newly discovered Android exploits


In case anyone was wondering, most of the newly discovered software vulnerabilities and malware used to attack computer systems are being developed by law enforcement agencies and with the funding of governments fighting in the online space.

According to information provided by Google Threat Analysis Group (TAG), a security company in Northern Macedonia called Cytrox has sold no less than four zero-day vulnerabilities discovered in the Chrome browser to groups of hackers known to be affiliated with actors. state. The list is also supplemented by a vulnerability that directly affects the Android system, facilitating the direct attack of the phones used by the designated “targets”.

Amounts paid they are not known exactly, but we find out that these groups of hackers have carried out numerous attacks in countries other than their home countries.

The purchases were incorporated into an invasive spyware application called Predator. Equipped with other functions for infiltration and information collection, the software has thus become a very powerful tool, made available to groups of hackers funded by state actors.

“We are confident that these exploits have been packaged by a single commercial surveillance company, Cytrox, and sold to various government-backed actors who have used them in at least three of the campaigns discussed below,” Google Threat researchers said. Analysis Group (TAG) explained in a blog post.

Also, that Cytrox would have assisted its own customers in exploiting vulnerabilities for which patches were already available, in the idea that the selected targets did not have updated devices. We can assume that in this case, the tariffs charged were slightly lower.

Hackers who bought Cytrox services and spyware were all over the world – Greece, Serbia, Egypt, Armenia, Spain, Indonesia, Madagascar and the Ivory Coast, according to Google TAG researchers.

But by far the most worrying thing is that most of the zero-day vulnerabilities discovered in the last year have been funded by private companies such as Cytrox, which have made this business a very profitable business.


Source: Go4IT by www.go4it.ro.

*The article has been translated based on the content of Go4IT by www.go4it.ro. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!