Hackers have developed 11 ways to hack iOS, Android and Windows. They were applied throughout 2020.

Hackers Have Developed 11 Ways To Hack Ios Android And.png

 

Breaking into

Employees of the Google Project Zero team said that they found 11 powerful exploits (hacking methods) on the network, which have been developed and used by an unknown group of hackers since February 2020. Hackers exploit new zero-day vulnerabilities on iOS, Android and Windows devices.

According to Maddie Stone, an employee of Google Project Zero, the hacker team is very technically savvy, consists of real professionals in their field and knows about vulnerabilities that are still unknown. All detected exploits are designed for browsers, operate on the wateringhole principle, and use infected websites. The general principle is as follows: an “attack” compromises a site that the owner of the device visits regularly, and then embeds malicious code into the page of this site. The malware automatically redirects the user to an extensive infrastructure, where an exploit is installed on the device that matches the type of device and browser version. As a result, the Trojan gets elevated access rights to the system.

Breaking into

The proof of the professionalism of the hackers is that their software easily programs the Google Chrome browser for Windows, and is also able to receive increased privileges through Safari in iOS 11-13. To hack Android 10, the Samsung browser and the same Google Chrome are used. The Windows version of the browser is infected completely in one “run”, but a chain of sequential exploits is used to gain access to mobile browsers – this is necessary to bypass the protection of iOS and Android.

In February 2020, the same group of hackers allegedly carried out large-scale attacks on Android and Windows users. A few months later, similar attacks were recorded on iOS devices. According to information from Google Project Zero, at the moment the vulnerabilities are still being exploited, however, there have been no successful attacks on devices running iOS 14 and Android 11.