Jun 23 2022

Seven zero-days in 2021 developed commercially and sold to governments

Category: Zero day | DISC @ 2:42 pm
Google: Seven zero-days in 2021 developed commercially and sold to governments

Google’s Threat Analysis Group (TAG) released a new report on Thursday chronicling an Italian spyware vendor selling technology used on victims in Italy and Kazakhstan.

The report mirrors another from cybersecurity company Lookout that was published last week covering “Hermit” – a brand of surveillanceware developed by spyware vendor RCS Labs and telecoms company Tykelab Srl.

The Google report examined the spyware from RCS Labs, noting that the Italian vendor “uses a combination of tactics, including atypical drive-by downloads as initial infection vectors, to target mobile users on both iOS and Android.”

Google TAG researchers Benoit Sevens and Clement Lecigne also touch on the wider commercial spyware industry, noting that Google continues to track the activities of vendors and recently testified at the EU Parliamentary hearing on “Big Tech and Spyware” about the work they’re doing “to monitor and disrupt this thriving industry.”

https://twitter.com/charley_snyder_/status/1536644164825276416

“Seven of the nine zero-day vulnerabilities our Threat Analysis Group discovered in 2021 fall into this category: developed by commercial providers and sold to and used by government-backed actors,” Sevens and Lecigne explained. 

“TAG is actively tracking more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors. Our findings underscore the extent to which commercial surveillance vendors have proliferated capabilities historically only used by governments with the technical expertise to develop and operationalize exploits. This makes the Internet less safe and threatens the trust on which users depend.”

iOS and Android versions

https://therecord.media/google-seven-zero-days-in-2021-developed-commercially-and-sold-to-governments/
