Google security researchers are sharing brand-new information about vulnerabilities discovered in Chrome, Firefox, and Windows.
In an article, Google and Danger Analysis Group (TAG) detail actions taken since discovering an industrial spyware operation with ties to Variston IT.
Based in Barcelona, Spain, Variston IT declares to offer custom security options. However, the business is linked to an exploitation structure called “Heliconia.”
Heliconia operates in 3 ways:
- It exploits a Chrome renderer bug to run malware on a user’s os.
- It deploys a destructive PDF document containing an exploit for Windows Defender.
- It makes use of a set of Firefox exploits for Windows and Linux makers.
The Heliconia make use of was utilized as early as December 2018 with the release of Firefox 64.
New information released by Google reveals Heliconia was likely used in the wild as a zero-day exploit.
Heliconia presents no risk to users today, as Google says it can not discover active exploitation. Google, Mozilla, and Microsoft repaired the bugs in early 2021 and 2022.
Although Heliconia is covered, industrial spyware is a growing issue, Google says:
“TAG’s research study underscores that the industrial security market is flourishing and has actually broadened substantially in the last few years, developing threat for Internet users around the globe. Commercial spyware puts sophisticated security capabilities in the hands of governments who utilize them to spy on journalists, human rights activists, political opposition and dissidents.”
To protect yourself versus Heliconia and other exploits like it, it’s important to keep your internet browsers and running system up to date.
TAG’s research study into Heliconia is readily available in Google’s new post, which Google is releasing to raise awareness about the hazard of commercial spyware.
Included Image: tomfallen/Best SMM Panel