Browsers Beware: Nasty Exploit Campaigns Target Safari and Chrome Users
Cybersecurity researchers have identified exploit campaigns using flaws in Apple Safari and Google Chrome to infect mobile users with malware. These attacks, linked to a Russian state-backed group, targeted unpatched devices via Mongolian government websites. The campaigns highlight the ongoing threat of watering hole attacks…
Hot Take:
This saga is like a tech soap opera: Russian state-backed hackers, Mongolian government websites, and a three-way love affair with Safari, Chrome, and n-day exploits. Who knew browser vulnerabilities could be this dramatic?
Key Points:
- Multiple in-the-wild exploit campaigns targeted unpatched Safari and Chrome browsers.
- Watering hole attacks on Mongolian government websites were the main delivery method.
- The campaigns are attributed to Russian state-backed threat actor APT29.
- Exploits used in these attacks share similarities with those from commercial surveillance vendors like Intellexa and NSO Group.
- Attackers aimed to steal browser cookies and other sensitive information from mobile devices.
Membership Required
You must be a member to access this content.