Security News > 2022 > April > Chinese hackers behind most zero-day exploits during 2021
Threat analysts report that zero-day vulnerability exploitation is on the rise, with Chinese hackers using most of them in attacks last year.
Zero-day disclosures are of particular interest to hackers because they have a wider exploitation window until vendors address the flaws and clients start applying the updates.
The most notable case was that of Hafnium, a Chinese state-sponsored hacking group that utilized four zero-day vulnerabilities on the Microsoft Exchange servers to access email communications of Western organizations.
The most targeted vendors in 2021 zero-day attacks were Microsoft, Apple, and Google, accounting for over 75% of all attacks.
Google's Project Zero team on Tuesday published a report on the same topic, underlining that the rise in zero-day exploitation is partly a result of greater visibility and detection and not necessarily an increase of activity or attacks' complexity.
As the report details, only two out of 58 new zero-days Project Zero disclosed in 2021 exhibit technical excellence and uniqueness, which could point to software security maturity.
News URL
Related news
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)
- State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage (source)
- Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware (source)
- Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining (source)
- Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks (source)
- Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware (source)
- Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT (source)
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- Hackers exploit Aiohttp bug to find vulnerable networks (source)
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)