"Google Reveals Sophisticated Windows and Android Hacking Operation"

Google has released a six-part report, providing details about a complex hacking operation discovered in early 2020. The hacking operation targeted Android and Windows devices. According to Google, the attacks were launched via two exploit servers. Each server delivered a different exploit chain through watering hole attacks, which are performed by gathering information about a targeted group regarding what websites they frequently visit and installing malware on those sites to infect that group's systems. One server targeted Windows users, while the other targeted Android users. Both exploit servers abused vulnerabilities contained by Google Chrome to gain initial access into victims' devices. The attackers used an OS-level exploit to gain more control over a victim's device once they successfully established an initial entry point in the victim's browser. The exploit chains included zero-day and n-day vulnerabilities. These servers contained four render bugs in Google Chrome, two sandbox escape exploits that abuse zero-day flaws in the Windows OS, and a privilege escalation kit consisting of n-day exploits for older versions of the Android OS. This article continues to discuss the findings shared by Google surrounding the sophisticated Windows and Android hacking operation. 

ZDNet reports "Google Reveals Sophisticated Windows and Android Hacking Operation"