Even though security is increasing everywhere lately, there are always groups of people working to find new vulnerabilities. Now, a group of 1337 hackers has managed to infect a range of iOS, Android, and Windows devices through websites that were compromised.
The 1337 h@x0rs have been using malicious websites to gain access to sensitive parts of the operating system using several security flaws that were found. A security team at Google that looks for exploits on different platforms said that these hackers found 11 zero-day vulnerabilities in total.
The attacks began in February of last year and ran until October. The attackers injected malicious code into the compromised webpages via an iframe that pointed to hacked servers. Security researchers said that one server was focused on attacking Windows and iOS users, while another server focused on Android devices.
In October 2020, we discovered that the actor from the February 2020 campaign came back with the next iteration of their campaign: a couple dozen websites redirecting to an exploit server. Once our analysis began, we discovered links to a second exploit server on the same website. After initial fingerprinting (appearing to be based on the origin of the IP address and the user-agent), an iframe was injected into the website pointing to one of the two exploit servers.
Security Researchers
So, What is a Zero Day Exploit?
A zero-day exploit takes advantage of a newly discovered vulnerability while the solution is still unknown to the developers. So, in this case, the hackers had advanced knowledge of what they were doing. This shows in the 1337 group's ability to bypass the security systems of ‘well-fortified OSes and apps that were fully patched.’
This attack was pretty severe because it even affected users who were running the latest versions of software.
Keeping your software up to date is one of the easiest and most effective ways to avoid security issues, but as you can see, that alone does not always keep you protected. If you are interested in learning more about this exploit, you can read about it on the Project Zero blog.