Techly NewsGet the app

Get the latest tech news

Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ Attacks


Suspected Russian hackers have compromised a series of websites to utilize sophisticated spyware exploits that are eerily similar to those created by NSO Group and Intellexa.

In recent years, elite commercial spyware vendors like Intellexa and NSO Group have developed an array of powerful hacking tools that exploit rare and unpatched “zero-day” software vulnerabilities to compromise victim devices. Originally, they were deployed by the spyware vendors as unpatched, zero-day exploits, but in this iteration, the suspected Russian hackers were using them to target devices that hadn't been updated with these fixes. Between November 2023 and February 2024, the hackers used an iOS and Safari exploit that was technically identical to an offering that Intellexa had first debuted a couple of months earlier as an unpatched zero-day in September 2023.

Get the Android app

Or read this on Wired

Read more on:

Photo of attacks

attacks

Photo of new string

new string

Photo of watering hole

watering hole

Related news:

News photo

Versa fixes Director zero-day vulnerability exploited in attacks

News photo

Google fixes ninth Chrome zero-day tagged as exploited this year

News photo

Google fixes ninth Chrome zero-day exploited in attacks this year

« Best graphics on Nintendo Switch: seven years of third-party developer brilliance
Japan's Real First Console? Bandai's TV Jack 5000 »