iPhone users targeted by govt hackers with 0-days vulnerabilities: Google


New Delhi, Feb 7 (IANS): Google has said that government hackers last year used three undiscovered flaws in Apple's iPhone operating system to target users with spyware created by a European startup.

Google's Threat Analysis Group (TAG), which investigates nation-backed hacking, published a report on Tuesday analysing several government campaigns using hacking tools developed by several spyware and exploit sellers, including a Spain-based startup called Variston.

Google reported that in a particular campaign, hackers working for the government exploited three iPhone vulnerabilities known as "zero-days," which were not previously known to Apple.

The hacking tools used in the attack were developed by Variston, a startup that specialises in surveillance and hacking technology.

Google has already analysed Variston's malware twice, once in 2022 and again in 2023.

The tech giant said that it identified a previously unknown customer of Variston using zero-day exploits to target iPhones in Indonesia in March 2023.

The attackers employed a technique of sending a malicious link via SMS text message to infect the target's phone with spyware. Afterwards, the victim was redirected to a news article published by the Indonesian newspaper, Pikiran Rakyat.

It is unclear who Variston sold its spyware to. Variston, according to Google, works "with several other organisations to develop and deliver spyware."

Moreover, Google also mentioned in the report that their researchers are tracking approximately 40 companies that sell surveillance software and exploits to government clients across the globe.

The report highlighted a few relatively new companies, including Variston, Cy4Gate, RCS Lab and Negg.

In its report, Google stated that it is committed to preventing hacking activities using these companies' capabilities, which have been linked to targeted monitoring of journalists, dissidents, and politicians.

 

  

Top Stories


Leave a Comment

Title: iPhone users targeted by govt hackers with 0-days vulnerabilities: Google



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.