Google Reveals New Facts About Putin’s Envoy, the World’s King of Hackers
Jakarta, CNBC Indonesia – Google has opened up about a hacker group called APT29. This group is reportedly linked to the Russian government, specifically the Russian Foreign Intelligence Service or SVR.
In a report, Google said it had evidence that hackers were using exploits that were identical or very similar to those created by spy software makers Intellexa and NSO Group. However, Google does not yet know how the Russian government could use the exploits. However, this could be an example of how exploits are developed by software makers into the hands of dangerous threat actors, which in this case refers to APT29.
Hidden exploit code was successfully found on the Mongolian government website. The incident occurred between November 2023 and July 2024.
The phones used to access the site for eight months will be hacked. This watering hole attack will steal data and passwords from the victim, quoted from Tech Crunch, Friday (8/30/2024).
The hackers targeted iPhones and iPads. Namely, it aims to steal account cookies stored in Safari, especially email providers as hosting personal accounts and the Mongolian government.
The stolen cookies were then used to access government accounts. Two direct hacks were carried out to steal user cookies stored in Chrome.
Meanwhile, NSO Group ensures that it does not sell its products to Russia. Its consumers are only the authorities in the United States (US) and Israel.
“NSO does not sell its products to Russia. Our technology is sold exclusively to verified US and Israeli intelligence and law enforcement agencies. Our systems and technologies are secure and monitored to detect and neutralize external threats,“ the company explained.
SOURCE : CNBC INDONESIA