Google shares newly-found commercial spyware threats

Getty Images

Google on Wednesday shared the details of newly-exposed exploitation frameworks capable of deploying spyware to targeted devices. Dubbed the “Heliconia” exploits, they appear to have ties to the Spanish company Variston IT, according to Google Threat Analysis Group (TAG). 

Heliconia targets n-day vulnerabilities, meaning that there are already patches available for the vulnerabilities. The new frameworks go after vulnerabilities previously found in Chrome, Firefox and Microsoft Defender. All of the vulnerabilities were addressed in 2021 and early 2022. However, Google’s research suggests these exploits were used as zero-days — in other words, before the vulnerabilities were spotted.

Also: How to find and remove spyware from your phone

To ensure you’re protected against Heliconia and other exploits, it’s important to keep all of your software updated. 

The new exploits are the latest to underscore the growth of the commercial spyware industry, Google noted. 

“TAG’s research has shown the proliferation of commercial surveillance and the extent to which commercial spyware vendors have developed capabilities that were previously only available to governments with deep pockets and technical expertise,” Google TAG’s Clement Lecigne and Benoit Sevens wrote in a blog post. “The growth of the spyware industry puts users at risk and makes the Internet less safe, and while surveillance technology may be legal under national or international laws, they are often used in harmful ways to conduct digital espionage against a range of groups.”

Google learned about the Heliconia framework from an anonymous submission to its Chrome bug reporting program. Three bugs were detailed: “Heliconia Noise” is a web framework for deploying an exploit for a Chrome renderer bug, followed by a sandbox escape. “Heliconia Soft” is a web framework that deploys a PDF containing a Windows Defender exploit. Lastly, the bug report named “Files” contained a fully documented Firefox exploit chain for Windows and Linux.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.