Security News > 2022 > April > Chinese hackers behind most zero-day exploits during 2021
Threat analysts report that zero-day vulnerability exploitation is on the rise, with Chinese hackers using most of them in attacks last year.
Zero-day disclosures are of particular interest to hackers because they have a wider exploitation window until vendors address the flaws and clients start applying the updates.
The most notable case was that of Hafnium, a Chinese state-sponsored hacking group that utilized four zero-day vulnerabilities on the Microsoft Exchange servers to access email communications of Western organizations.
The most targeted vendors in 2021 zero-day attacks were Microsoft, Apple, and Google, accounting for over 75% of all attacks.
Google's Project Zero team on Tuesday published a report on the same topic, underlining that the rise in zero-day exploitation is partly a result of greater visibility and detection and not necessarily an increase of activity or attacks' complexity.
As the report details, only two out of 58 new zero-days Project Zero disclosed in 2021 exhibit technical excellence and uniqueness, which could point to software security maturity.
News URL
Related news
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
- Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland (source)