Security News > 2021 > January > Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove
Google researchers have detailed a major hacking campaign that was detected in early 2020, which mounted a series of sophisticated attacks, some using zero-day flaws, against Windows and Android platforms.
Working together, researchers from Google Project Zero and the Google Threat Analysis Group uncovered the attacks, which were "Performed by a highly sophisticated actor," Ryan from Project Zero wrote in the first of a six-part blog series on their research.
In the case of the attacks that Google researchers uncovered, attackers executed the malicious code remotely on both the Windows and Android servers using Chrome exploits.
The exploits used against Windows included zero-day flaws, while Android users were targeted with exploit chains using known "n-day" exploits, though they acknowledge it's possible zero-day vulnerabilities could also have been used, researchers said.
The team spent months analyzing the attacks, including examining what happened post-exploitation on Android devices.
The researchers posted root-cause analyses for each of the four Windows zero-day vulnerabilities that they discovered being leveraged in their attacks.
News URL
https://threatpost.com/hacks-android-windows-zero-day/163007/
Related news
- Serbian police used Cellebrite zero-day hack to unlock Android phones (source)
- ⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More (source)
- A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) (source)
- Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone (source)
- Google fixes Android zero-day exploited by Serbian authorities (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017 (source)
- New Windows zero-day exploited by 11 state hacking groups since 2017 (source)
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)