Annoying LinkedIn Networkers Actually Russian Hackers Spreading Zero-Days, Google Says
Most LinkedIn spam is just annoying. But new research from Google suggests some of it was outright dangerous: Russian government hackers targeted European government officials with LinkedIn messages that contained malicious links designed to exploit unknown vulnerabilities in Windows and iOS, according to Google's report.
Google's Threat Analysis Group published new research on Wednesday, detailing several hacking campaigns leveraging a series of zero-day exploits, meaning hacks that rely on vulnerabilities that are unknown to the developers of the targeted software.
One of the hacking campaigns, the one targeting "government officials from western European countries," as Google put it, relied on a zero-day in WebKit, the browser engine developed by Apple, which is used in Safari and all the major browsers for iOS. This vulnerability (named CVE-2021-1879) was patched by Apple on March 26.
As Motherboard reported in May , this year has been particularly bad when it comes to WebKit vulnerabilities exploited by hackers in the wild.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25330660/STK414_AI_CHATBOT_H.jpg)
