Google published a six-part report today detailing a sophisticated hacking operation that the company detected in early 2020 and which targeted owners of both Android and Windows devices.
The attacks were carried out via two exploit servers delivering different exploit chains via watering hole attacks, Google said.
Also: Best VPNs
“One server targeted Windows users, the other targeted Android,” Project Zero, one of Google’s security teams, said in the first of six blog posts.
Google said that both exploit servers used Google Chrome vulnerabilities to gain an initial foothold on victim devices. Once an initial entry point was established in the user’s browsers, attackers deployed an OS-level exploit to gain more control of the victim’s devices.
The exploit chains included a combination of both zero-day and n-day vulnerabilities, where zero-day refers to bugs unknown to the software makers, and n-day refers to bugs that