Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack

29-August-24

Russian hackers, attributed to the state-backed group APT29, have exploited now-patched flaws in Apple Safari and Google Chrome browsers to launch high-profile cyberattacks against unpatched mobile devices. The attacks, observed between November 2023 and July 2024, involved watering hole campaigns targeting Mongolian government websites. These campaigns utilized vulnerabilities CVE-2023-41993, CVE-2024-4671, and CVE-2024-5274 to deploy information-stealing malware, exfiltrating sensitive data such as browser cookies, passwords, and credit card information. The findings suggest the possible involvement of commercial surveillance vendors and underscore the persistent threat of n-day exploits in unpatched browsers.
