Google - these serious security threats are targeting both Android and iOS devices - Latest trending news

Google has published new details on multiple zero-days and n-days vulnerabilities that different threat actors have been using to compromise Android, iOS, and Chrome devices.

In an analysis (opens in new tab) published on its security blog, Google said it spotted threat actors targeting iOS users with vulnerabilities classified as CVE-2022-42856 and CVE-2021-30900.

These vulnerabilities allowed hackers to install commercial spyware and malware on target endpoints (opens in new tab), which among other things, included installing location trackers, Google’s team said.

Lengthy campaigns

The same threat actors targeted Android devices with ARM GPUs for CVE-2022-4135, CVE-2022-38181, and CVE-2022-3723. They used these flaws to install unknown types of malware, the researchers explained.

“When ARM released a fix for CVE-2022-38181, several vendors, including Pixel, Samsung, Xiaomi, Oppo and others, did not incorporate the patch, resulting in a situation where attackers were able to freely exploit the bug for several months,” the analysis reads.

In a separate campaign, Google observed threat actors targeting United Arab Emirates’ users of Samsung’s Internet Browser, going for CVE-2022-4262, CVE-2022-3038, CVE-2022-22706, and CVE-2023-0266. They would use these flaws to deploy C++ spyware which allowed them, among other things, to extract and decrypt data from different chat and browser apps.

The attackers were “highly targeted”, Google said.

“These campaigns may also indicate that exploits and techniques are being shared between surveillance vendors, enabling the proliferation of dangerous hacking tools.”

Google’s Threat Analysis Group (TAG), which published the report, was basically tipped off by Amnesty International’s Security Lab, BleepingComputer reports, as this organization published information regarding domains and infrastructure used in these attacks.

“The newly discovered spyware campaign has been active since at least 2020 and targeted mobile and desktop devices, including users of Google’s Android operating system,” Amnesty International said in its own report. “The spyware and zero-day exploits were delivered from an extensive network of more than 1000 malicious domains, including domains spoofing media websites in multiple countries.”

Via: BleepingComputer (opens in new tab)

Denial of responsibility! TheShockNews is an automatic aggregator around the Global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email: hl.footballs@gmail.com The content will be deleted within 24 hours.

Originally published at theshocknews.com

Google – these serious security threats are targeting both Android and iOS devices – Latest trending news

Related

Recent Articles

Nandamuri Balakrishna’s intense first look poster leaves fans excited

Neha Sharma sets the summer sun on fire in blazing hot biknis

What Your Face Shape Says About Your Personality

40 Hilarious Memes To Tickle Your Funny Bone

‘Vanderpump Rules’ bombshell revealed in explosive final reunion episode – Latest trending news

Leave A Reply Cancel reply