Jump to content

Google’s Project Zero shuts down Western counter-terrorist hacker team - Piracy News and Crypto Updates - InviteHawk - Your Only Source for Free Torrent Invites

Buy, Sell, Trade or Find Free Torrent Invites for Private Torrent Trackers Such As redacted, blutopia, losslessclub, femdomcult, filelist, Chdbits, Uhdbits, empornium, iptorrents, hdbits, gazellegames, animebytes, privatehd, myspleen, torrentleech, morethantv, bibliotik, alpharatio, blady, passthepopcorn, brokenstones, pornbay, cgpeers, cinemageddon, broadcasthenet, learnbits, torrentseeds, beyondhd, cinemaz, u2.dmhy, Karagarga, PTerclub, Nyaa.si, Polishtracker etc.

Google’s Project Zero shuts down Western counter-terrorist hacker team


Recommended Posts

The well-known Project Zero security team run by Google exposed intelligence agency hacking operations by a US-allied nation, according to reports, causing counter-terrorist intelligence efforts to be shut down.

Project Zero is dedicated to finding so-called “zero-day” vulnerabilities in widely used software and systems. A vulnerability is “zero day” when it is not known to exist and therefore no patches or defences have been developed for it. Zero-day exploits are normally quite rare, not coming to light very often. When the Project Zero team discovers a zero-day, they notify the vendors of the affected products with the goal of getting it patched and preventing unauthorised intrusions into systems around the world. They also publicise the vulnerability, letting people know it exists and that patches need to be made.

Earlier this month Maddie Stone, head of Project Zero, issued a blog post describing the team’s efforts against “a highly sophisticated actor”, which Project Zero had first noticed in February 2020. The “sophisticated actor” had been making efforts to target devices using Android and Windows software by luring them in through a “watering hole website” that would attempt to infect some devices using a mixture of three zero-day and other “n-day” (already publicly known) vulnerabilities.

Back in 2020, Stone and her team published detailed analysis on the exploits, bringing the operations of the “sophisticated actor” to a halt and making sure that nobody could use the same vulnerabilities against other targets.

Then, last week, Stone published a new blog post. In it she revealed that the same hacking group had returned in October 2020, deploying no less than seven new zero-day attacks in what Project Zero assessed as “next iteration of the campaign discovered in February 2020”.

The Project Zero team concluded:

Project Zero closed out 2020 with lots of long days analyzing lots of 0-day exploit chains and seven 0-day exploits. When combined with their earlier 2020 operation, the actor used at least 11 0-days in less than a year. We are so thankful to all of the vendors and defensive response teams who worked their own long days to analyze our reports and get patches released and applied.

It has now emerged that the sophisticated actor was an intelligence agency of a US-allied nation, engaged in counter-terrorism operations. This was first reported by MIT Technology Review.

The exposure and blocking of the counter-terrorist operation was not an accident by Google’s Project Zero: the security researchers could see which IP addresses the attackers were trying to compromise, and knew what sort of people would be attracted by the “watering hole” bait website. The Google team took the decision to act in the full knowledge of who and what they were shutting down, a decision which reportedly caused some argument within the company.

Project Zero being who they are, they will always act to eliminate zero-day vulnerabilities as they find them: it’s what they do. If that disrupts lengthy, expensive, taxpayer-funded espionage and intelligence campaigns by friendly nations, in the eyes of Maddie Stone and her team that’s just too bad. It’s collateral damage in the battle to secure the world’s IT systems. There are plenty of government-backed hackers whose operations most Westerners would be happy to see shut down, too.

It’s not a new issue, as many in the field would acknowledge, and a balance always has to be struck. The US has a formal process of assessment for zero-days discovered by its own secret agencies, deciding whether they should be publicised for patching or “stockpiled” for hacking.

Sometimes this goes wrong: the WannaCry malware which crippled the British NHS and other organisations in 2017 was famously based on “Eternal Blue”, a Windows exploit previously developed and used secretly by the US National Security Agency (NSA). Many IT administrators in many organisations that year might have wished that Maddie Stone and Project Zero had found Eternal Blue and dealt with it the way they did the seven new zero-days of last October.

Link to comment
Share on other sites

Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and user will be warned if it happens again. If caught spamming, the following actions are applicable -

  • First time - Warning
  • Second time - 5000 Points will be deducted
  • Third time - Ban for 7 days
  • Fourth time - Permanent Ban

If the post helped you, reward the user by reacting to the post like this -

1.jpg

Link to comment
Share on other sites

The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Read this before posting -
  • Only post if you have something valuable to contribute.
  • Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and you will be warned if it happens again.
  • If the post helped you, reward the user by reacting to the post like this -                      1.jpg
Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Customer Reviews

  • Similar Topics

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.