New Delhi: Google's Threat Analysis Group (TAG) recently shared findings about government-backed hackers using hidden weaknesses in Apple's iPhone software. These hackers targeted users with spyware developed by a European company named Variston.


Zero-Day Vulnerabilities


COMMERCIAL BREAK
SCROLL TO CONTINUE READING

During a particular hacking campaign, government hackers exploited three unknown weaknesses in Apple's iPhone operating system. These are called "zero days" because they were previously unknown to Apple. (Also Read: WhatsApp To Introduce Third-Party Chat Support)


The spyware used in the attack was created by Variston, a company specializing in surveillance technology. (Also Read: BharatPe Faces Government Inquiry Amidst Legal Turmoil)


Variston's Role


Variston, a startup focused on surveillance and hacking tools, developed the spyware used in the attack. Google had previously analyzed Variston's malware in 2022 and 2023.


Indonesian Targeting


In March 2023, Google discovered a previously unknown Variston customer using these spyware tools to target iPhones in Indonesia. The attackers sent malicious links via SMS text messages, infecting victims' phones with spyware.


Victims were then directed to a news article from the Indonesian newspaper, Pikiran Rakyat.


Unknown Buyers


It's unclear who Variston sold its spyware to. According to Google, Variston collaborates with various organizations to develop and distribute spyware.


Surveillance Software Sellers


Google's report also mentioned tracking around 40 companies worldwide that sell surveillance software to government clients. Among these are relatively new companies like Variston, Cy4Gate, RCS Lab, and Negg.


(With IANS Inputs)