A Google hacking team has exposed — and shut down — an expert counterterrorism hacking operation by a supposed US ally. While the report hid most details, it raised troubling questions on what constitutes an ally in cyberspace.
The tech giant’s Project Zero and Threat Analysis Group hacking teams uncovered and ultimately put an end to a counter-terrorism operation being run by a US ally, according to MIT Tech Review, which detailed the internal struggle at Google over whether to publicize the incident and what it implied for future cyber-espionage (apparently, all’s fair in love, war, and malware attacks).
Both Project Zero, which uncovers and exposes security vulnerabilities, and Threat Analysis Group, which tracks hacks believed to be run by governments, helped take down the “friendly” malware attack, which weaponized 11 zero-day vulnerabilities in the course of nine months. A zero-day vulnerability is a flaw that the software’s creator and users are unaware of, a security issue that can be used as a backdoor and otherwise exploited until it is discovered.
The attack's zero-days cropped up 11 times in nine months, more frequently than a typical zero-day exploit, and it targeted devices powered by iOS, Android, and Windows. The exploits were innovative (MIT described them as “never-before-seen techniques”) and used infected websites as “watering holes” to deliver malware to unfortunate visitors. The infection process had been ongoing since early 2020.
MIT revealed on Friday that the hackers running the scheme were “actually Western government operatives actively conducting a counter-terrorism operation,” an unusual revelation given that tracing hacks to state-level actors is not the easy-to-grasp, cut-and-dried operation that US cybersecurity firms like CrowdStrike and FireEye like to describe when they speak with reporters.
Indeed, while Google’s Threat Analysis Group attributes hacks to states, Project Zero does not, though private security companies…