Subj : Hackers linked to Russian government found using some very famili To : All From : TechnologyDaily Date : Thu Aug 29 2024 20:30:06 Hackers linked to Russian government found using some very familiar malware tools Date: Thu, 29 Aug 2024 19:15:00 +0000 Description: Exploits developed by spyware companies were found to be indistinguishable from those used by Russian hackers. FULL STORY ====================================================================== Research from Googles Threat Analysis Group (TAG) has found evidence Russian-backed threat actor APT29 used iterations of watering hole campaigns which were identical or strikingly similar to exploits developed by notorious spyware companies NSO Group and Intellexa. TAG found Mongolian government websites were hit by multiple campaigns earlier in 2024 after discovering hidden exploit codes embedded in the sites. The exploits meant anyone who used the sites using an iPhone or Android device may have had their phone hacked and data stolen. APT29 is well-known for its links to Russias Foreign Intelligence Service and notable attacks on high-ranking western targets, such as US and German Government officials , as well as SolarWinds and Microsoft. All patched up The exploit code used in the attacks targeting iPhones shared the exact same trigger as the exploit used by Intellexa,, whilst the Android version used a very similar trigger to a code developed by NSO Group, TAG said. A patch was available for the exploits, but the attack was still effective against unpatched devices. Its unclear how the hackers obtained the copy of the exploit, but it could have been bought from the companies directly or stolen. TAG's research does not indicate APT29 recreated the exploits organically, but rather somehow managed to get a hold of the spyware makers program. The US government recently sanctioned the Intellexa consortium for developing and selling spyware Predator, which was used to target US government officials and journalists, and the NSO Group for its development of the Pegasus surveillance tool. Earlier in 2024, Poland launched an investigation into the use of the Israeli-developed Pegasus spyware against opposition political figures by the previous administration. Google recommends users and organizations apply patches quickly and keep software fully up-to-date to protect against this type of attack. Weve listed the best malware removal tools to help you stay protected. More from TechRadar Pro Check out our pick of the best endpoint protection software around Notorious Russian hackers target government officials Take a look at our pick of the best firewall software ====================================================================== Link to news story: https://www.techradar.com/pro/intellexa-and-nso-group-exploits-used-by-russian -hackers --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .