Hackers used compromised websites to infect iOS and other operating systems

Despite all the efforts that companies make to improve the security of their devices, there is always someone working to find new vulnerabilities. This time, a group of advanced hackers managed to infect iOS, Android and Windows devices through compromised websites.

As reported by Ars Technica, attackers used malicious websites to gain access to confidential parts of the operating system through security flaws they had found. Members of Project Zero, a Google team that looks for security exploits on different platforms, said these hackers used 11 zero-day vulnerabilities.

The attacks using these flaws started in February 2020 and continued until October 2020. Malicious code was injected into the compromised webpages through an iframe that pointed to the exploit servers. Researchers point out that one of the servers was focused on attacking iOS and Windows users, while the other responded to Android devices.

In October 2020, we found that the February 2020 campaign actor returned with the next iteration of his campaign: a few dozen sites redirecting to an exploit server. As soon as our analysis started, we found links to a second exploit server on the same site. After the initial fingerprint (appearing to be based on the origin of the IP address and the user agent), an iframe was injected into the website pointing to one of the two exploitation servers.
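For site owners, the iframe injection described above can be looked for by auditing served pages for frames that point at hosts the site does not intentionally embed. The following is an added example, not code from Project Zero or the original article; the allowlist, URLs and sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Hosts the site owner intentionally embeds (assumed allowlist for this example).
ALLOWED_FRAME_HOSTS = {"www.youtube.com", "player.vimeo.com"}


class IframeAuditor(HTMLParser):
    """Collect iframes whose host is neither the page's own nor allowlisted."""

    def __init__(self, page_url, allowed_hosts):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.allowed = allowed_hosts
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "").strip()
        # Resolve relative and protocol-relative (//host/path) sources.
        host = urlsplit(urljoin(self.page_url, src)).hostname
        # Frames without a network host (empty src, about:blank) are skipped here.
        if host is None or host == self.page_host or host in self.allowed:
            return
        style = a.get("style", "").replace(" ", "").lower()
        # Invisible frames are a stronger signal than visible third-party embeds.
        hidden = (a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
                  or "display:none" in style or "visibility:hidden" in style
                  or "hidden" in a)
        self.findings.append({"host": host, "src": src, "hidden": hidden})


def audit_page(page_url, html, allowed_hosts=ALLOWED_FRAME_HOSTS):
    """Return one finding per iframe that points at an unexpected host."""
    auditor = IframeAuditor(page_url, allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample: an allowlisted embed, a same-site frame, an unexpected frame.
SAMPLE_HTML = """<html><body>
<iframe src="https://www.youtube.com/embed/abc123"></iframe>
<iframe src="/widgets/newsletter.html"></iframe>
<iframe src="//cdn.unexpected.example/f.html" width="0" style="display: none"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in audit_page("https://news.example/article", SAMPLE_HTML):
        print(finding)
```

Because the campaign fingerprinted visitors before injecting the frame, a single fetch from one network location may see a clean page; comparing results across several vantage points and user agents gives better coverage.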

For those unfamiliar with the term, a zero-day exploit targets a newly discovered vulnerability for which developers do not yet have a fix. The report mentions that the hackers had advanced knowledge of what they were doing, as they were able to bypass the security systems of “well-fortified operating systems and applications that have been fully patched”.

In another sign of the hackers' experience with zero-day exploits, they were able to quickly reopen the breach after Google updated the Chrome engine with a fix. In other words, even users running the latest version of the application or operating system could still be infected when accessing a compromised website.

While keeping the software on their devices up to date is still important to avoid security issues, users should be careful not to open websites or applications that they don’t trust. More details on this exploit can be found on the Project Zero blog.
