Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security IT

Russian Government Hackers Found Using Exploits Made By Spyware Companies NSO and Intellexa (techcrunch.com) 44

Google says it has evidence that Russian government hackers are using exploits that are "identical or strikingly similar" to those previously made by spyware makers Intellexa and NSO Group. From a report: In a blog post on Thursday, Google said it is not sure how the Russian government acquired the exploits, but said this is an example of how exploits developed by spyware makers can end up in the hands of "dangerous threat actors." In this case, Google says the threat actors are APT29, a group of hackers widely attributed to Russia's Foreign Intelligence Service, or the SVR. APT29 is a highly capable group of hackers, known for its long-running and persistent campaigns aimed at conducting espionage and data theft against a range of targets, including tech giants Microsoft and SolarWinds, as well as foreign governments.

Google said it found the hidden exploit code embedded on Mongolian government websites between November 2023 and July 2024. During this time, anyone who visited these sites using an iPhone or Android device could have had their phone hacked and data stolen, including passwords, in what is known as a "watering hole" attack. The exploits took advantage of vulnerabilities in the iPhone's Safari browser and Google Chrome on Android that had already been fixed at the time of the suspected Russian campaign. Still, those exploits nevertheless could be effective in compromising unpatched devices.

This discussion has been archived. No new comments can be posted.

Russian Government Hackers Found Using Exploits Made By Spyware Companies NSO and Intellexa

Comments Filter:
  • There is no room in my mind to put this news report; the allotted space is already completely full of me assuming that the Russian government makes use of all exploits made by all spyware companies, throughout the MIlky Way galaxy, from the Big Bang until the Last Trump.
    • Re: (Score:2, Troll)

      by znrt ( 2424692 )

      well, i have no doubts either that every government in the world is engaged in espionage and hacking to the extent it possibly can. but this love for romantic hacker novellas is something quite unique to western agencies and politicians.

      ofc there never is any evidence. e.g. all the legend about "cozybear" and "apt29", protagonists of this story, seems to come from this single source:
      https://web.archive.org/web/20... [archive.org]
      which is just as pathetic, contradictory and incoherent as propaganda can possibly be, even n

      • by XXongo ( 3986865 )

        ...come from this single source: https://web.archive.org/web/20... [archive.org].

        Wow, nice link!

        But no, that's not the only reason we believe Cozy Bear is Russian, it's just the most comprehensive insight into the details of their operations. Multiple groups had already identified it as Russian years earlier.

        • From the Article:
          "The Americans were taken completely by surprise by the Russian aggression, says Chris Painter in Washington. For years, Painter was responsible for America's cyber policy. He resigned last August. 'We'd never expected that the Russians would do this, attacking our vital infrastructure and undermining our democracy.' "

          Never! <slams table>

          What the fuck? Kiss your ass goodbye America. (ummm... what 8 years ago?)
          Your A Team is on this.
        • Which of those "multiple groups" are intelligence assets with an interest in implicating Russia? How would you know?
          • by XXongo ( 3986865 )

            Which of those "multiple groups" are intelligence assets with an interest in implicating Russia? How would you know?

            And I have a question for you: what kind of idiot thinks that the Russians aren't trying to hack into our systems with every tool that they can come up with?

    • And the backdoors demanded by the NSA, such as those which keep appearing in Cisco products

                            https://www.tomshardware.com/n... [tomshardware.com]

  • Google said it is not sure how the Russian government acquired the exploits

    the exploits in question are for sale.. they were crafted by corporate entities for profit, I guess designed with industrial espionage in mind.

  • by laughingskeptic ( 1004414 ) on Thursday August 29, 2024 @11:28AM (#64746474)
    What do they mean they don't understand how Russia got their hands on a technology for sale? Multiple branches of Mexico's government were buying NSO's Pegasus starting at least as far back as 2016 ... and the leaders of these organizations being the astute business men that they were, re-sold access to many organization including criminal organizations. Why not Russia too? I'm sure Mexico was not the only corrupt country doing this.
    • Just buy it. Exactly.

      Last time I checked, and it was from links in an article posted here in the last .... year or so...
      It appeared to me that if you were willing to put $5000 on your credit card, you could download a copy of a pegasus-like malware for Android.

      Pretty fucking within reach of anyone.
      The article was framing the issue as "malware as a product". X number of years ago NSO made Pegasus and it was like a semi controlled substance... not everyone could get it. But the chilling point of the article,
    • by mjwx ( 966435 )

      What do they mean they don't understand how Russia got their hands on a technology for sale? Multiple branches of Mexico's government were buying NSO's Pegasus starting at least as far back as 2016 ... and the leaders of these organizations being the astute business men that they were, re-sold access to many organization including criminal organizations. Why not Russia too? I'm sure Mexico was not the only corrupt country doing this.

      Mexico?

      The companies making these things were probably selling them direct to the Russians via back channels... if not openly.

      It was probably harder for Mexico to buy it.

  • Exploits founds Spyware company! Taking into account those IT workers that have left the country since the war began. There's not enough people to repair elevators in residents buildings, forget about Spyware!
  • They're too stupid to create their own hacking tools.

  • Have you ever heard NSA activities described as US government hackers?
  • NSO is Israeli. This is why I don't do business with any company based in Israel.

    • Strange for such a tiny country to have the density of spyware, surveillance, and weapons manufacturers it does. Until you consider that it's an artificially created country, stood up for the purpose (in part) of being the west's dystopia laboratory. It won't stop with the Muslims either. Coming soon to a city near you.

The "cutting edge" is getting rather dull. -- Andy Purshottam

Working...