Security News > 2021 > July > Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day

Google security researchers shared more information on four security vulnerabilities, also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year.

The four security flaws were found by Google Threat Analysis Group and Google Project Zero researchers after spotting exploits abusing zero-day in Google Chrome, Internet Explorer, and WebKit, the engine used by Apple's Safari web browser.

"We tie three to a commercial surveillance vendor arming govt backed attackers and one to likely Russian APT," Google Threat Analysis Group's Director Shane Huntley said.

"Halfway into 2021, there have been 33 0-day exploits used in attacks that have been publicly disclosed this year - 11 more than the total number from 2020," Google researchers added.

This can't be said about the CVE-2021-1879 Safari flaw, which, according to Google, was used via LinkedIn Messaging "To target government officials from western European countries by sending them malicious links."

Google researchers said the attackers were part of a likely Russian government-backed actor abusing this zero-day to target iOS devices running older versions of iOS. While Google didn't link the exploit to a specific threat group, Microsoft says the culprit is Nobelium, the state-sponsored hacking group behind last year's SolarWinds supply-chain attack that led to the compromise of several US federal agencies.

News URL

https://www.bleepingcomputer.com/news/security/google-russian-svr-hackers-targeted-linkedin-users-with-safari-zero-day/