X

Google Threat Analytics Group alerts the public about zero-day vulnerabilities

Featured image for Google Threat Analytics Group alerts the public about zero-day vulnerabilities

The internet can be a dangerous place at times, and the Google Threat Analytics Group (TAG) is trying to make it a bit safer. This group dedicates its time and attention to fishing out bad actors that hunt innocent users on the internet. These bad actors aim to steal user data and other personal information with the sole aim of committing a crime.

There are a ton of ways these ill-meaning individuals carry out their attacks, one such is phishing. Whether you are a tech-oriented individual or not, you might have come across the word phishing multiple times. This is simply the act of attempting to gain a user’s personal information by posing as a reputable organization or government agency on the internet.

Sadly, many unsuspecting users have fallen victim to this fraudulent practice carried out by bad actors on the internet. But you can keep yourself safe while using the internet, regardless of the presence of these attacks. The Google Threat Analytics Group (TAG) is also helping guide you on how to spot and avoid these attacks as you surf the internet.

The Google Threat Analytics Group is keeping a watchful eye on phishing attacks taking place on the internet

Two attacks exploiting zero-day vulnerabilities have already been identified by the Google Threat Analytics Group (TAG). The group has also given details about these two attacks and how they work for the public. Armed with this information, netizens will be able to be alert and know how to avoid these attacks if they ever encounter them on the internet.

These attacks can affect Android and iOS devices, as well as the Chrome and Samsung internet browser. The two attacks work in different ways, but they both aim to steal user data for fraudulent practices. Both attacks try to lure unsuspecting victims to click on a URL link sent to them via an SMS.

The first attack is common in Italy, Malaysia, and Kazakhstan and it relies on a Chrome vulnerability. Once the link sent via SMS is clicked, it takes the victim to a malware-infested website. So as not to seem shady, this attack then redirects the victim to a legitimate website after the damage has already been done.

The second attack is a C++ code that targets UAE users and also relies on a browser vulnerability. It also lures the unsuspecting victim to click on a link sent to them via SMS. For some reason, this attack was common in Samsung devices using the brand’s in-house web browser. Both attacks aim to steal user data present on the web and then use them for fraudulent activities.

The vulnerabilities that these attacks employ have long been fixed by the companies running the platforms they exist on. But there is still the need for netizens to be on guard against these attacks. Constantly update your browsers, don’t click on all links sent to you, and be mindful of the websites you visit. By doing this, you should stay clear of most phishing attacks that aim to steal your data.

  翻译: