iPhone users targeted by govt hackers with 0-days vulnerabilities: Google
iPhone users targeted by govt hackers with 0-days vulnerabilities: GoogleIANS

Google has said that government hackers last year used three undiscovered flaws in Apple's iPhone operating system to target users with spyware created by a European startup.

Google's Threat Analysis Group (TAG), which investigates nation-backed hacking, published a report on Tuesday analysing several government campaigns using hacking tools developed by several spyware and exploit sellers, including a Spain-based startup called Variston.

Google reported that in a particular campaign, hackers working for the government exploited three iPhone vulnerabilities known as "zero-days," which were not previously known to Apple.

The hacking tools used in the attack were developed by Variston, a startup that specialises in surveillance and hacking technology.

smartphone spyware

Google has already analysed Variston's malware twice, once in 2022 and again in 2023.

The tech giant said that it identified a previously unknown customer of Variston using zero-day exploits to target iPhones in Indonesia in March 2023.

The attackers employed a technique of sending a malicious link via SMS text message to infect the target's phone with spyware. Afterwards, the victim was redirected to a news article published by the Indonesian newspaper, Pikiran Rakyat.

It is unclear who Variston sold its spyware to. Variston, according to Google, works "with several other organisations to develop and deliver spyware."

Russian threat group delivering malware via campaigns using PDFs: Google
IANS

Moreover, Google also mentioned in the report that their researchers are tracking approximately 40 companies that sell surveillance software and exploits to government clients across the globe.

The report highlighted a few relatively new companies, including Variston, Cy4Gate, RCS Lab and Negg.

In its report, Google stated that it is committed to preventing hacking activities using these companies' capabilities, which have been linked to targeted monitoring of journalists, dissidents, and politicians.

(With inputs from IANS)