Browsers Beware: Nasty Exploit Campaigns Target Safari and Chrome Users

Cybersecurity researchers have identified exploit campaigns using flaws in Apple Safari and Google Chrome to infect mobile users with malware. These attacks, linked to a Russian state-backed group, targeted unpatched devices via Mongolian government websites. The campaigns highlight the ongoing threat of watering hole attacks exploiting n-day vulnerabilities.

3P
Published: August 29, 2024 4:16 pmAdded: August 29, 2024 at 1:44 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

This saga is like a tech soap opera: Russian state-backed hackers, Mongolian government websites, and a three-way love affair with Safari, Chrome, and n-day exploits. Who knew browser vulnerabilities could be this dramatic?

Key Points:

  • Multiple in-the-wild exploit campaigns targeted unpatched Safari and Chrome browsers.
  • Watering hole attacks on Mongolian government websites were the main delivery method.
  • The campaigns are attributed to Russian state-backed threat actor APT29.
  • Exploits used in these attacks share similarities with those from commercial surveillance vendors like Intellexa and NSO Group.
  • Attackers aimed to steal browser cookies and other sensitive information from mobile devices.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?