Google security researchers are sharing new details about vulnerabilities identified in Chrome, Firefox, and Windows.
In an article, Google's Threat Analysis Group (TAG) details the steps taken since discovering a commercial spyware operation with ties to Variston IT.
Based in Barcelona, Spain, Variston IT claims to provide custom security services. However, the company is linked to an exploitation framework called “Heliconia.”
Heliconia works in three ways:
- It exploits a Chrome renderer bug to run malware on a user’s operating system.
- It deploys a malicious PDF file containing an exploit for Windows Defender.
- It uses a set of Firefox exploits for Windows and Linux machines.
The Heliconia exploit was used as early as December 2018 with the release of Firefox 64.
New details released by Google reveal that Heliconia was likely used in the wild as a zero-day exploit.
Heliconia poses no risk to users today, as Google says it cannot detect active exploitation. Google, Mozilla, and Microsoft fixed the bugs in early 2021 and 2022.
Although Heliconia is patched, commercial spyware is a growing problem, Google says:
“TAG’s research underscores that the commercial surveillance industry is growing and has actually expanded substantially over the last few years, producing danger for Web users around the world. Business spyware puts sophisticated security capabilities in the hands of governments who use them to spy on journalists, human rights activists, political opposition and dissidents.”
To protect yourself against Heliconia and other exploits like it, it’s essential to keep your web browsers and operating system up to date.
TAG’s research into Heliconia is available in Google’s new blog post, which Google is publishing to raise awareness about the threat of commercial spyware.