Google’s Project Zero For Sophisticated Windows & Android Hacking Operation

by Zazz January 13, 2021 Time to Read Blog: 3 minutes

The attackers use a combination of Chrome, Windows, and Android vulnerabilities. It consists of zero-day and n-day exploits. Google published a six-part report detailing the futuristic hacking operations the company detected in 2020.

However, it will target both Android and Windows device owners. The attack carries via two exploit servers, which send different exploit chains through the watering hole attack.

Google Disclose Project Zero For Windows & Android hacking operation.

Recently, Project Zero launched and its initiative aimed at researching the latest ways to detect 0-day exploits in the wild. Through a partnership with the Google Threat Analysis Group, one of the first outcomes of this initiative will be discovering a water hole attack in Q1 2020 carried out by a very sophisticated actor.

Google said it found two exploit servers that provided different exploitation chains through the watering hole attack. One server targets Windows users, the other targets Android. As per the android app development agency, both Windows and Android servers use the Chrome exploit. Exploits for Chrome and Windows include 0-day. For Android, the exploit chain uses the publicly known n-day exploit.

What’s The Latest News Included?

Google has released a six-part report, providing details on the complex hacking operation it discovered in 2020. The hacking process targeted all Android and Windows devices. According to Google, it launched the attack via two exploit servers. Each server sends a different exploit chain through the watering hole attack. However, this is done by gathering information about the targeted groups regarding what websites they frequently install malware on these sites to infect the group’s systems. One server targets Windows users, while the other targets Android users. As per the efficient app development company, both of them exploited a vulnerability to get early access to the victim’s device. 

The attackers use OS-level exploits to gain more control over the victim’s device once they have successfully created an initial entry point in the victim’s browser. The exploitation chain includes zero-day and n-day vulnerabilities. This server contains four render bugs in Google Chrome, two sandbox bypass exploits that abuse zero-day flaws in Windows OS, and a privilege escalation kit consisting of n-day exploits for older versions of the Android OS. This article continues to discuss findings shared by Google surrounding Futuristic Windows & Android hacking operations.

Overall, Google Says the Exploits Server Consists of:

  • Four render bugs in Google Chrome, one of which is still 0 days at the time of its discovery.
  • Two sandbox escape exploits that abuse three 0-day vulnerabilities in Windows OS.
  • And a privilege escalation kit consisting of publicly known n-day exploits for older Android OS versions.

The Four Day zeros, all of which were patched by Spring 2020, are as follows:

  • CVE-2020-6418 – Chrome Vulnerability in TurboFan (Repaired February 2020)
  • CVE-2020-0938 – Font Vulnerability in Windows (Repaired April 2020)
  • CVE-2020-1020 – Font Vulnerability in Windows (Repaired April 2020)
  • CVE-2020-1027 – Windows CSRSS Vulnerability (Repaired April 2020)

Source: https://googleprojectzero.blogspot.com/2021/01/introducing-in-wild-series.html

Google says that while they found no evidence of an Android zero-day exploit being hosted on the exploit’s server. However, its security researchers believe that the threat actor likely also had access to Android zero-days but most likely didn’t host it. On the server when researchers found it.

Summary 

Above here, we have discussed Google’s latest update on Project Zero. However, finally, Google reveals futuristic Windows and Android hacking operations. Read the complete article to understand every aspect in depth. At Zazz, we provide you all the required technical or non-technical, latest, and updated information at your fingertips.

Moreover, we are well-known mobile application developers in USA and offer app development services worldwide. Thus, if you think we missed something or want to know more about app development, contact us immediately. Our developers will assist you with the best of their knowledge. 

Also Read

How iPhone and Apple Watch Apps Help You to Achieve New Year Resolutions?

How App Store Generated More Revenue Than Play Store in This Pandemic?

Apple’s M1 Chip Can Run Windows 10 Two Times Faster than On Surface Pro X

Apple M1 Chip Vs Intel i7

Embracing IoT Solutions for Smart HVAC System in CES 2021

Google’s Project Zero For Sophisticated Windows & Android Hacking

What Is The Role Of Android In IoT?

New Features for Android 11 with Developer Preview 3

Which Company Developed Android?

How to Find Best Android App Development Company in USA?

Android Q to Improve Privacy, Customization and your Wellbeing

zazz-io

Zazz has since been committed to facilitating services that go beyond excellence. We create apps to meet the needs of an evolving digital landscape. We are a leading mobile app development company . We design & develop web & mobile apps that drive today's businesses. Backed by research and development, Zazz uses technology, software, mobile, and customer service to create new revenue-generating opportunities. So contact Zazz to see your dream idea as the next big thing. We Offer Top Services iOS App Development , Android app development , React development , Flutter development , IoT Development , AR / VR development , Digital Marketing Services - SEO , SMO , PPC , Content Marketing, etc.

Recent Articles

What is HTTP2: Understand How Does...

What is HTTP / 2? HTTP / 2 is the...

How to develop a Recognition Mobile...

Landmark recognition apps are used to identify landmarks by including...

Widgetsmith: A New Collection of Health...

If you have recently just bought and unwrapped a new...