Hackers working for governments were responsible for the majority of zero-Day feats used in the real-world cyber attack last year, per year, per year New research from google,
Google’s report stated that the number of zero-day adventures-referring to the safety defects that were unknown to the software manufacturers, at that time hackers misused them from 98 exploits in 2023, up to 75 adventures in 2024. Hackers.
Among those 23 tasks, 10 zero-days were attributed to governments working directly to governments, including five exploitation related to China and one and five from North Korea.
The identity of one and eight exploits was developed by spyware manufacturers and surveillance ambitions, such as NSO groups, which usually claim to sell only governments. Among the eight tasks done by spyware companies, Google is also counting bugs that were recently exploited by Serbian authorities using celebrite phone-uniting equipment.
Despite the fact that there were eight recorded cases of zero-days developed by spyware manufacturers, a security engineer of the Threat Intelligence Group (GTIG) of Google, Clement Lecigne told Techcrunch that the companies are investing more resources in operational safety to “highlight their capabilities and end in news.”
Google said the spread of monitoring vendors continues.
“While law enforcement action or public disclosure has pushed vendors out of business, we have seen that new vendors have generated to provide similar services,” James Sadowski, a leading analyst of GTIG, told Techcrunch. “The industry will continue to grow as long as government customers continue to request and paying for these services.”
Contact us
Do you have more information about government hacking groups, zero-day developers or spyware manufacturers? From a non-functioning device and network, you can safely contact the Lorenzo francici-bichai via +1 917 257 1382, or telegram and kebase @lorenzofb, or via email.
The remaining 11 responsible zero-days were probably exploited by the cyber criminal, such as ransomware operators targeting enterprise equipment including VPN and router to ransomware operators.
The report also found that most parts of a total of 75 zero-days made during 2024 were targeting consumers and products, such as phones and browser; While the rest of the exploited equipment are usually found on the corporate networks.
According to Google’s report, the good news is that the software manufacturers defending against zero-day attacks are making more difficult for exploitation manufacturers to find fast bugs.
According to the report, “We are seeing a significant reduction in some historically popular goals such as browser and zero-day exploitation of mobile operating systems.”
Sadowski specifically pointed to lockdown mode, a special feature for iOS and MACOS that disables some functionality with the target of harshly to the cellphone and computer, with a proven track record to stop government hackers; as well as Memory tagging extension (MTE), a safety facility of modern Google Pixel chipset that helps to detect some types of bugs and improve the device safety.
Reports like Google are valuable because they give to the industry, and supervisors, data points that contribute to our understanding of how government hackers work-An underlying challenge with zero-day count is that, by nature, some of them become undetermined, and some of them who are detected, some still go without any attachment.
