A Brisk Private Trade in Zero-Days Widens Their Use

2020-04-06 21:05

One of the zero-day purveyors that may have done a brisk trade in 2019 was the controversial Israeli firm known as NSO Group.

The private company has been criticized in the past for selling zero-day exploits to "Authorized governments" who may have launched targeted attacks against human rights activists and journalists.

"This group may [also] have acquired their zero-days by purchasing malware from private companies such as NSO Group, as the zero-days used in SandCat operations were also used in Stealth Falcon operations, and it is unlikely that these distinct activity sets independently discovered the samezero-days," FireEye noted.

Aside from involvement with nation-state-backed groups, 2019 also saw a zero-day exploit in WhatsApp reportedly used to distribute spyware developed by NSO Group; and, an Android zero-day vulnerability also was seen by Google researchers being exploited in the wild in October.

"The FireEye advisory mentions that private companies are likely creating and supplying a larger proportion of zero-days than they have in the past," he told Threatpost.

News URL

https://threatpost.com/brisk-private-trade-zero-days/154502/

#zeroday