The SolarWinds Hackers Used an iOS Flaw to Compromise iPhones

The Russian state hackers who orchestrated the SolarWinds supply chain attack last year exploited an iOS zero-day as part of a separate malicious email campaign aimed at stealing Web authentication credentials from Western European governments, according to Google and Microsoft.

In a post Google published Wednesday, researchers Maddie Stone and Clement Lecigne said a “likely Russian government-backed actor” exploited the then-unknown vulnerability by sending messages to government officials over LinkedIn.

Moscow, Western Europe, and USAID

Attacks targeting CVE-2021-1879, as the zero-day is tracked, redirected users to domains that installed malicious payloads on fully updated iPhones. The attacks coincided with a campaign by the same hackers who delivered malware to Windows users, the researchers said.

The campaign closely tracks one Microsoft disclosed in May. In that instance, Microsoft said that Nobelium, the name Microsoft uses to identify the hackers behind the SolarWinds supply chain attack, first managed to compromise an account belonging to USAID, a US government agency that administers foreign aid and development assistance. With control of the agency’s account for the online marketing company Constant Contact, the hackers could send emails that appeared to use addresses known to belong to the US agency.

The federal government has attributed last year’s supply chain attack to hackers working for Russia’s Foreign Intelligence Service (abbreviated as SVR). For more than a decade, the SVR has conducted malware campaigns targeting governments, political think tanks, and other organizations in countries including Germany, Uzbekistan, South Korea, and the US. Targets have included the US State Department and the White House in 2014. Other names used to identify the group include APT29, the Dukes, and Cozy Bear.

In an email, Shane Huntley, the head of Google’s Threat Analysis Group, confirmed the connection between the attacks involving USAID and the iOS zero-day, which resided in the WebKit browser engine.

“These are two different campaigns, but based on our visibility, we consider the actors behind the WebKit 0-day and the USAID campaign to be the same group of actors,” Huntley wrote. “It is important to note that everyone draws actor boundaries differently. In this particular case, we are aligned with the US and UK governments’ assessment of APT 29.”

Forget the Sandbox

Throughout the campaign, Microsoft said, Nobelium experimented with multiple attack variations. In one wave, a Nobelium-controlled web server profiled the devices that visited it to determine what OS and hardware they ran on. If the targeted device was an iPhone or iPad, the server delivered an exploit for CVE-2021-1879, which allowed the hackers to carry out a universal cross-site scripting attack. Apple patched the zero-day at the end of March.

In Wednesday’s post, Stone and Lecigne wrote:

After several validation checks to ensure the device being exploited was a real device, the final payload would be served to exploit CVE-2021-1879. This exploit would turn off Same-Origin-Policy protections in order to collect authentication cookies from several popular websites, including Google, Microsoft, LinkedIn, Facebook, and Yahoo and send them via WebSocket to an attacker-controlled IP. The victim would need to have a session open on these websites from Safari for cookies to be successfully exfiltrated. There was no sandbox escape or implant delivered via this exploit. The exploit targeted iOS versions 12.4 through 13.7. This type of attack, described by Amy Burnett in Forget the Sandbox Escape: Abusing Browsers from Code Execution, is mitigated in browsers with Site Isolation enabled, such as Chrome or Firefox.

It’s Raining Zero-Days

The iOS attacks are part of a recent explosion in the use of zero-days. In the first half of this year, Google’s Project Zero vulnerability research group recorded 33 zero-day exploits used in attacks, 11 more than the total from 2020. The growth has several causes, including better detection by defenders and better software defenses that require multiple exploits to break through.

The other big driver is the increased supply of zero-days from private companies selling exploits.
