A sophisticated hacking campaign that has previously been witnessed by security flaws on Android, Windows and iOS devices is in fact the work of “Western government agents” who carry out a “counter-terrorism operation”, according to a new report from the MIT Technology Review.
The campaign in question, which has he drew more and more attention from the media in the last few weeks, was the first written about in January by Google’s Project Zero threat research team. At the time, all that was known publicly was that someone had to do very difficult business: a “very sophisticated” group, probably made up of “expert teams”, was responsible for targeting numerous zero-day vulnerabilities (the grand total would be 11) in various prominent operating systems, the researchers wrote.
This hacking campaign, which lasted for about nine months, used the so-called Watering hole method—In which a threat actor injects malicious code into a website to “block” it effectively (site visitors will later be infected with malware, allowing the hacker to target and escalate the compromise of certain targets).
From all these descriptors, the signs naturally indicated the involvement of some kind of high-level national state hackers – although few would have guessed that the culprits were, in fact, our friends! However, this seems to be the case. It is not clear which government is actually responsible for the attacks, who were its targets or what the so-called “anti-terrorism” operation involved in all this entailed. MIT did not disclose how they entered this information.
One thing is certain: Google’s discovery and subsequent public disclosure of the exploits (as well as the company’s decision to repair the vulnerabilities) have apparently derailed any government operation. MIT writes that, by making public, the technology company has effectively shut down a “live anti-terrorism” cyber mission, also adding that “it is not clear whether Google has previously informed government officials that it will advertise and shut down” the attacks. This appears to have “caused internal divisions within Google and raised questions within the US intelligence community and its allies.”
G / O Media may receive a commission
There are a lot of questions here, obviously. First of all, what government was doing this? What was the threat of “terror” they were investigating? What websites were used to track down the terrorists mentioned? Given the sensitive political nature of these types of operations, we are unlikely to receive answers to these questions – at least not immediately. But, since there is so little information available, it is also quite difficult to understand whether Project Zero was justified in doing the operation or not, or what is happening right here.
Looks like Google knows who the hackers and MIT are rEPORTS that the incident sparked a debate at the company as to whether counter-terrorism operations like this should be considered “out of bounds” for public disclosure or whether it would be appropriate to disclose their vulnerabilities to “protect users and makes the internet safer. ”