Security News > 2021 > July > Secretive Israeli Exploit Company Behind Wave of Zero-Day Exploits
A secretive Israeli commercial surveillance company named after a parasitic freshwater fish is being blamed for supplying Windows and Chrome zero-day exploits to nation-state APT actors.
The two reports come less than 24 hours after Google's Threat Analysis Group documented four separate zero-day exploits in Chrome, Internet Explorer, and Webkit that were created and sold by Candiru to government-backed attackers.
Exploit code from the mysterious Candiru was first observed in.
The Citizen Lab report, titled Hooking Candiru, documents how the research outfit scanned the internet and found more than 750 websites linked to Candiru's spyware infrastructure.
Microsoft's Threat Intelligence Center released its own report on Candiru, aka SOURGUM, describing the company as a "Private-sector offensive" actor in the business of hawking and using Windows zero-day exploits.
Redmond's threat hunters found Candiru using a chain of browser and Windows exploits to plant malware on targeted victims.
News URL
Related news
- Exploit code for Palo Alto Networks zero-day now public (source)
- Prompt Hacking, Private GPTs, Zero-Day Exploits and Deepfakes: Report Reveals the Impact of AI on Cyber Security Landscape (source)
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)
- State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage (source)