Russian Government Hackers Found Using Exploits Made By Spyware Companies NSO and Intellexa (techcrunch.com)
Google says it has evidence that Russian government hackers are using exploits that are "identical or strikingly similar" to those previously made by spyware makers Intellexa and NSO Group. From a report: In a blog post on Thursday, Google said it is not sure how the Russian government acquired the exploits, but said this is an example of how exploits developed by spyware makers can end up in the hands of "dangerous threat actors." In this case, Google says the threat actors are APT29, a group of hackers widely attributed to Russia's Foreign Intelligence Service, or the SVR. APT29 is a highly capable group of hackers, known for its long-running and persistent campaigns aimed at conducting espionage and data theft against a range of targets, including tech giants Microsoft and SolarWinds, as well as foreign governments.
Google said it found the hidden exploit code embedded on Mongolian government websites between November 2023 and July 2024. During this time, anyone who visited these sites using an iPhone or Android device could have had their phone hacked and data stolen, including passwords, in what is known as a "watering hole" attack. The exploits took advantage of vulnerabilities in the iPhone's Safari browser and Google Chrome on Android that had already been fixed at the time of the suspected Russian campaign. Still, those exploits nevertheless could be effective in compromising unpatched devices.
In Soviet Russia: "Shit no, Sherlock". (Score:2)
Re: (Score:2, Troll)
well, i have no doubts either that every government in the world is engaged in espionage and hacking to the extent it possibly can. but this love for romantic hacker novellas is something quite unique to western agencies and politicians.
ofc there never is any evidence. e.g. all the legend about "cozybear" and "apt29", protagonists of this story, seems to come from this single source:
https://web.archive.org/web/20... [archive.org]
which is just as pathetic, contradictory and incoherent as propaganda can possibly be, even n
Re: (Score:3)
...come from this single source: https://web.archive.org/web/20... [archive.org].
Wow, nice link!
But no, that's not the only reason we believe Cozy Bear is Russian, it's just the most comprehensive insight into the details of their operations. Multiple groups had already identified it as Russian years earlier.
Re: (Score:2)
"The Americans were taken completely by surprise by the Russian aggression, says Chris Painter in Washington. For years, Painter was responsible for America's cyber policy. He resigned last August. 'We'd never expected that the Russians would do this, attacking our vital infrastructure and undermining our democracy.' "
Never! <slams table>
What the fuck? Kiss your ass goodbye America. (ummm... what 8 years ago?)
Your A Team is on this.
Re: (Score:2)
Re: (Score:2)
Which of those "multiple groups" are intelligence assets with an interest in implicating Russia? How would you know?
And I have a question for you: what kind of idiot thinks that the Russians aren't trying to hack into our systems with every tool that they can come up with?
Re: (Score:3)
while that's all true, and ofc pissed off russia, that's not the reason russia invaded. the reason was the imminent threat of nato membership and nato military buildup on the border. if ukraine had formally joined nato it would have been huge and irreversible trouble for russia, which is why they would have never allowed that. they actually waited too long, after trying to negotiate or dissuade the us and avoid confrontation for nearly a decade ... to no avail. also, the goal wasn't to conquer, but to depose
Re: (Score:2)
And the backdoors demanded by the NSA, such as those which keep appearing in Cisco products
https://www.tomshardware.com/n... [tomshardware.com]
"Google said it is not sure" (Score:2)
Google said it is not sure how the Russian government acquired the exploits
the exploits in question are for sale.. they were crafted by corporate entities for profit, I guess designed with industrial espionage in mind.
Shocker: Someone bought something for sale (Score:3)
Re: (Score:2)
Last time I checked, and it was from links in an article posted here in the last
It appeared to me that if you were willing to put $5000 on your credit card, you could download a copy of a pegasus-like malware for Android.
Pretty fucking within reach of anyone.
The article was framing the issue as "malware as a product". X number of years ago NSO made Pegasus and it was like a semi controlled substance... not everyone could get it. But the chilling point of the article,
Re: (Score:2)
What do they mean they don't understand how Russia got their hands on a technology for sale? Multiple branches of Mexico's government were buying NSO's Pegasus starting at least as far back as 2016 ... and the leaders of these organizations being the astute business men that they were, re-sold access to many organizations including criminal organizations. Why not Russia too? I'm sure Mexico was not the only corrupt country doing this.
Mexico?
The companies making these things were probably selling them direct to the Russians via back channels... if not openly.
It was probably harder for Mexico to buy it.
In Mother Russia (Score:1)
Re: (Score:2)
And those who in India run the call center, "helping" people reset passwords and recover lost data.
Not Surprising (Score:1)
They're too stupid to create their own hacking tools.
Re: (Score:2)
They're too stupid to create their own hacking tools.
your own tools leave unique marks
Re: (Score:2)
And in Russia's case, it would be the unique mark of failure.
Re: (Score:2)
Re: (Score:2)
You aren't asking anything. Respect them? For what? They have never done anything to earn any respect. They are weak, pathetic, stupid, and lazy.
Re: (Score:2)
Yeah, keep telling yourself that.
Re: (Score:2)
Are you saying Russia stole them from US "government hackers"? Well, that explains a lot of the cyber-crime in the world.
know what else leaves a distinct signature? (Score:1)
Getting caught.
US Government Hackers? (Score:2)
Re: (Score:2)
Remember (Score:2)
NSO is Israeli. This is why I don't do business with any company based in Israel.
Re: (Score:2)
Strange for such a tiny country to have the density of spyware, surveillance, and weapons manufacturers it does. Until you consider that it's an artificially created country, stood up for the purpose (in part) of being the west's dystopia laboratory. It won't stop with the Muslims either. Coming soon to a city near you.