04:35 GMT 03 April 2020

    A zero-day is an unpatched software flaw unknown to the developer that can be exploited by hackers. According to Google, such vulnerabilities are “particularly dangerous and have a high rate of success”.

    Google’s Threat Analysis Group (TAG) announced in a press release on Thursday that an unidentified group of hackers capitalized on five zero-day vulnerabilities over 2019.

    The company said that the majority of victims targeted by the hackers were “from North Korea or individuals who worked on North Korea-related issues”.

    “Finding this many zero-day exploits from the same actor in a relatively short time frame is rare,” Toni Gidwani, a security engineering manager at TAG, said in the press release. “The exploits were delivered via compromised legitimate websites (e.g. watering hole attacks), links to malicious websites, and email attachments in limited spear phishing campaigns”.

    Gidwani noted that the zero-day flaws affected Android, Chrome, iOS, Internet Explorer and Windows operating systems.

    Although Google refused to speculate on who might be responsible for these attacks, the Russian security firm Kaspersky associated Google's discoveries with DarkHotel, a hacker group that has allegedly targeted North Koreans in the past and is suspected of working for the South Korean government, according to WIRED.

    Hours after the TAG report, Kaspersky reportedly matched two of the vulnerabilities — one in Windows, one in Internet Explorer — with those it had earlier linked to DarkHotel. Previously, the security firm had detected those bugs being exploited to plant known DarkHotel malware on the devices of its customers.

    Since TAG attributed all five zero-days to a single hacker group, “it’s quite likely that all of them are related to DarkHotel,” says Costin Raiu, the head of Kaspersky's Global Research & Analysis Team, cited by WIRED.

    Raiu noted that DarkHotel are “interested in getting information such as documents, emails, pretty much any bit of data they can from these targets”.
