Google’s Threat Analysis Group (TAG) has reported that Variston’s spyware tools are being used by hackers in the UAE. Analysis by Google revealed that hackers were targeting Samsung Android browser users in the UAE using a set of chained vulnerabilities, including two zero-days, the last of which allowed for user data to be extracted, sending data from chat and browser apps back to the attackers. The Google report also highlighted campaigns that engage iOS zero-day bugs and a Cytrox predator spyware technique. Additionally, Google reported three Android bugs, including a zero-day, that were exploited to attack ARM-based graphics processing chip devices from Samsung, Xiaomi, Oppo and Google, with ARM itself releasing a patch. The report noted that the commercial spyware industry continues to thrive and issued a warning that stockpiling and using zero-day vulnerabilities could pose a severe risk to the internet.
Spanish-made spyware targeted UAE users, says Google.
