Spyware behind nearly 50% of zero-days targeting Google products

/in


Google on Tuesday reported that commercial surveillance vendors (CSVs) are behind nearly 50% of the known zero-day exploits targeting Google products.

The news brought to light the increased prevalence of CSVs and the potential threat of spyware being used against not just famous journalists, politicians and academics, but ordinary citizens and businesspeople.   

Google’s 50-page report found that from mid-2014 through 2023, security researchers discovered 72 in-the-wild zero-day exploits affecting Google products with the Google Threat Analysis Group (TAG) attributing 35 of the zero-days to the CSVs.

“The commercial surveillance industry has emerged to fill a lucrative market niche: selling cutting edge technology to governments around the world that exploit vulnerabilities in consumer devices and applications to surreptitiously install spyware on individuals’ devices,” wrote the Google researchers. “By doing so, commercial surveillance vendors (CSVs) are enabling the proliferation of dangerous hacking tools.”

Morgan Wright, chief security advisor at SentinelOne, said Google’s new information means that anyone, anywhere, any place, is at risk.

The proliferation of mobile computing, along with continuous discoveries of zero-day exploits, means spyware will become a booming market that will continue to grow because there’s demand for these capabilities, Wright said. What’s of most concern, Wright continued, is that the spyware capabilities that were once the exclusive province of nation-state intelligence organizations are available off-the-shelf to anyone with a big enough bank account.

“The number of threat actors will grow exponentially, making it a very challenging exercise to identify and defend against these threats,” said Wright. “For the security community, this means there is no rest. Ever. The vectors of attack will change minute-by-minute and hour-by-hour. Once a threat pops up and is identified and dealt with, many more will develop to take its place. This will force certain decisions about open versus closed platforms. To have more freedom and security, it may require tighter controls.”

Marina Liang, threat intelligence engineer at Interpres, said…

Source…