Google says Russia-linked APT29 is using exploits that are “identical or strikingly similar” to those previously made by spyware makers Intellexa and NSO Group
«Russian government hackers found using #exploits made by spyware companies NSO and Intellexa: …

Frederic Jacobs / @fj@mastodon.social : “Our latest n-day exploit reporting shows that in an attack on Mongolian government websites, Russian-backed APT29 is suspected of using the same exploits as Intellexa and NSO” — https://blog.google/...

Zack Whittaker / @zackwhittaker@mastodon.social : New, by me: Google's Threat Analysis Group found evidence that a group of Russian government hackers, aka APT29, are using exploits that are “identical or strikingly similar” to those previously made by spyware makers Intellexa and NSO Group. …

X:

John Scott-Railton / @jsrailton : BIG DEAL: Russia caught reusing phone exploit strikingly similar to NSO Group's Pegasus spyware. How did Russian Intelligence / #APT29 get it after NSO used it? Google isn't sure yet. But I warned Congress this would happen. It says something about who NSO sourced it from,

Lorenzo Franceschi-Bicchierai / @lorenzofb : NEW: Google found evidence that a group of Russian government hackers, aka APT29, are using exploits that are “identical or strikingly similar” to those previously made by spyware makers Intellexa and NSO Group. https://techcrunch.com/...

Dan Black / @danwblack : Important report highlighting the SVR's wider enablers: “In each iteration of the watering hole campaigns, [APT29] used exploits that were identical or strikingly similar to exploits previously used by commercial surveillance vendors Intellexa and NSO Group.”

Charley Snyder / @charley_snyder_ : Noteworthy new research here on APT29 use of old NSO and Intellexa exploits. In my opinion, this is yet more evidence that the proliferation of commercial hacking capabilities — sometimes into the hands of apex teams like APT29 — poses a serious threat to the web.

Adam Rawnsley / @arawnsley : “In each iteration of the watering hole campaigns, the attackers used exploits that were identical or strikingly similar to exploits previously used by commercial surveillance vendors (CSVs) Intellexa and NSO Group.” https://blog.google/...

Will / @bushidotoken : Latest 🇷🇺 APT29 (Cozy Bear, Midnight Blizzard) activity below 👇

Billy Leonard / @billyleonard : 🆕🚨 New analysis from @Google TAG on suspected APT29 waterholes against 🇲🇳 gov. n-day exploits targeting iOS and Android we first observed in use from commercial surveillance vendors🫢 more details in the blog! awesome work from @_clem1 and team🤝 https://blog.google/...

LinkedIn:

Matthias Frielingsdorf : Today Google TAG revealed details about an attack against both Android and iOS devices. The attackers were targeting Safari & Google Chrome with previously already patched vulnerabilities (N-Days). …