Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day

Google security researchers shared more information on four security vulnerabilities, also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year.

The four security flaws were found by Google Threat Analysis Group (TAG) and Google Project Zero researchers after spotting exploits abusing zero-day in Google Chrome, Internet Explorer, and WebKit, the engine used by Apple’s Safari web browser.

The four zero-day exploits discovered by Google researchers earlier this year while being exploited in the wild targeted:

  • CVE-2021-21166 and CVE-2021-30551 in Chrome,
  • CVE-2021-33742 in Internet Explorer, and
  • CVE-2021-1879 in WebKit (Safari).

Google also published root cause analysis for all four zero-days:

  • CVE-2021-1879: Use-After-Free in QuickTimePluginReplacement
  • CVE-2021-21166: Chrome Object Lifecycle Issue in Audio
  • CVE-2021-30551: Chrome Type Confusion in V8
  • CVE-2021-33742: Internet Explorer out-of-bounds write in MSHTML

We tie three to a commercial surveillance vendor arming govt backed attackers and one to likely Russian APT, Google Threat Analysis Group’s Director Shane Huntley said.

Halfway into 2021, there have been 33 0-day exploits used in attacks that have been publicly disclosed this year — 11 more than the total number from 2020, Google researchers added.

While there is an increase in the number of 0-day exploits being used, we believe greater detection and disclosure efforts are also contributing to the upward trend.

Full article

Scroll to Top