Samsung phones are being targeted by some seriously shady zero-days

Three EMEA Samsung phone models targeted with unknown spyware, Google warns


Three Samsung smartphone models have been found carrying vulnerabilities that were allegedly abused by a commercial surveillance vendor to spy on people and probably steal their sensitive data.

Researchers from Google’s Project Zero security team said that the Samsung S10, A50, and A51 models were affected, and that only devices powered by Samsung’s home-made Exynos chip were vulnerable, meaning the targets (as well as the attackers) were located in Europe, the Middle East, or Africa.

Google has not named the vendor, but it did say that the vulnerabilities appear to be part of an infection chain. The research team only managed to get a component of the exploit app, meaning it’s still in the dark about the final payload.

Nation-states' spyware

“The first vulnerability in this chain, the arbitrary file read and write, was the foundation of this chain, used four different times and used at least once in each step,” Google Project Zero security researcher Maddie Stone wrote in a blog post outlining the threat.

“The Java components in Android devices don’t tend to be the most popular targets for security researchers despite it running at such a privileged level,” she added.


Google also said that the exploitation works in a fashion similar to one we’ve seen earlier, when a nation-state attacker targeted individuals with powerful spyware.

This could be referring to Hermit, an Android and iOS spyware that was developed by RCS Lab, an Italian surveillance firm. Back then, Hermit was allegedly targeting people in Italy and Kazakhstan.


Every now and then, a commercial firm's surveillance software turns out to be spyware-like and borderline criminal. One such example is NSO Group Technologies, an Israeli technology firm primarily known for Pegasus, its proprietary spyware capable of remote zero-click smartphone surveillance. Pegasus has landed NSO Group in the media spotlight more than once, most notably in November 2021, when the US Government banned any trade with the firm.

Via: TechCrunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
