HomeTechnologyWindows, Chrome and Firefox have been exploited without days to spread malware

Technology

Windows, Chrome and Firefox have been exploited without days to spread malware

2 minute read

Cybersecurity researchers from Google’s Threat Analysis Group (TAG) say a commercial company from Spain has developed a exploitation network (Opens in a new tab) for Windows, Chrome, and Firefox, and you’ve likely sold it to government agencies sometimes in the past.

In a blog post published earlier this week, the TAG team said that a Barcelona-based company called Variston IT is likely linked to the Heliconia framework, which exploits back-to-day vulnerabilities in Chrome, Firefox and Google Chrome. Microsoft Defender (Opens in a new tab). It also says that the company has likely provided all the tools needed to deploy the payload on the target End point (Opens in a new tab).

Do not activate exploits

All affected companies fixed vulnerabilities exploited by the Heliconia framework in 2021 and early 2022, and given that TAG found no active exploits, the framework was most likely used in zero days. However, to fully protect against Heliconia, TAG suggests all users to keep their software up-to-date.

Google was first alerted to Heliconia via an anonymous submission to Chrome (Opens in a new tab) Bug reporting program. Whoever submitted the submission added three bugs, each with instructions and an archive with source code. They were called “Heliconia Noise”, “Heliconia Soft”, and “Files”. Further analysis showed that it contains “frameworks for deploying exploits in the wild” and that the source code refers to Variston IT.

Heliconia Noise is described as a framework for spreading a vulnerability for a bug in the Chrome renderer, followed by the possibility of escaping from the sandbox. On the other hand, Heliconia Soft is a web framework that publishes a PDF containing an exploit for Windows Defender, while the files are a collection of Fire Fox (Opens in a new tab) Exploits have been found on both Windows and Linux.

Given the fact that the Heliconia exploit runs on Firefox versions 64-68, it was likely in use in late 2018, as Google suggests.

Speaking to TechCrunch, Variston CIO Ralf Wegner said the company wasn’t aware of Google’s research and couldn’t verify the results, but added that he “would be surprised if this item was found in the wild.”

commercial Spying programs (Opens in a new tab) is a growing industry, says Google, adding that it will not stand by as these entities sell vulnerabilities to governments who then use them to target political opponents, journalists, human rights activists, and dissidents.

Perhaps the most famous example of this is the Israel-based NSO Group and its Pegasus spyware, which has put the company on a US blacklist.

Across: Techcrunch (Opens in a new tab)

Faysal Bank and Bank of Khyber, partner to offer Innovative Financial & Digital Payment Services

Faysal Bank Limited (FBL) and Bank of Khyber have partnered to launch a suite of

The Mandalorian season 3 release date has been delayed — but not by much

The Mandalorian season 3 has finally been given a release date Disney Plus

The Latest

IT Industry Can’t Run Without VPN: Chairman PTA
A meeting of the Senate Standing Committee on IT and Telecom was held under the

November 18, 2024
2 minute read
The Council of Islamic Ideology declared the use of VPN illegal
Allama Raghib Naimi, Chairman of the Council of Islamic Ideology, said in this

November 15, 2024
1 minute read
World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’
Punjab Information Technology Board (PITB) Chairman Faisal Yousaf was presented

August 27, 2024
1 minute read
Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies
Pakistan’s burgeoning Information Technology (IT) sector is facing an

August 18, 2024
2 minute read

Weekly Must-ReadsView All

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

Popular Topics

Trending NowView All

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

Windows, Chrome and Firefox have been exploited without days to spread malware

Do not activate exploits

Leave a Reply Cancel reply

Faysal Bank and Bank of Khyber, partner to offer Innovative Financial & Digital Payment Services

The Mandalorian season 3 release date has been delayed — but not by much

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

Wordle Today – Hints, clues and answers for Game #587, Friday January 27th

AI-powered facial recognition service Clearview AI has been fined €20 million in France – Naked Security

Save 83% with Private Internet Access’ huge Black Friday VPN deal

An Official App which can detects Fake Currency Notes is introduced by SBP

Weekly Must-ReadsView All

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

Windows, Chrome and Firefox have been exploited without days to spread malware

Do not activate exploits

Leave a Reply Cancel reply

Faysal Bank and Bank of Khyber, partner to offer Innovative Financial & Digital Payment Services

The Mandalorian season 3 release date has been delayed — but not by much

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

You May Also Like

Wordle Today – Hints, clues and answers for Game #587, Friday January 27th

AI-powered facial recognition service Clearview AI has been fined €20 million in France – Naked Security

Save 83% with Private Internet Access’ huge Black Friday VPN deal

An Official App which can detects Fake Currency Notes is introduced by SBP