Security News > 2021 > April > Google’s Project Zero Finds a Nation-State Zero-Day Operation
The exploits, which went back to early 2020 and used never-before-seen techniques, were "Watering hole" attacks that used infected websites to deliver malware to visitors.
They caught the attention of cybersecurity experts thanks to their scale, sophistication, and speed.
It's true that Project Zero does not formally attribute hacking to specific groups.
The Threat Analysis Group, which also worked on the project, does perform attribution.
Google omitted many more details than just the name of the government behind the hacks, and through that information, the teams knew internally who the hacker and targets were.
It is not clear whether Google gave advance notice to government officials that they would be publicizing and shutting down the method of attack.
News URL
Related news
- Google: 70% of exploited flaws disclosed in 2023 were zero-days (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Google fixes two Android zero-days used in targeted attacks (source)