Multiple Windows, Adobe Zero-Days Anchor Knotweed Commercial Spyware

Published: 23/11/2024   Category: security




Microsoft flagged the company's Subzero tool set as on offer to unscrupulous governments and shady business interests.



A cyber-weapons broker dubbed Knotweed has been outed, with Microsoft flagging it as being behind numerous spyware attacks on law firms, banks, and strategic consultancies in countries around the world.
To boot, Knotweed has made a habit of incorporating rafts of Windows and Adobe zero-day exploits into its spyware since at least 2021, according to Microsoft.
Knotweed falls into a murky category of so-called private sector offensive actors (PSOAs, aka commercial spyware vendors) that hawk their wares to unscrupulous governments and business interests. These ultrasophisticated (and expensive) tools are often used against dissidents, journalists, and other members of civil society, but they've been known to enable straightforward corporate espionage too.
The breed is best exemplified by the infamous NSO Group and Pegasus mobile spyware, but many others lurk in the shadows, Microsoft warned.
One such is Knotweed, which is an alias for an Austrian outfit called DSIRF. It's a company that, as Microsoft explained in a post on Wednesday, ostensibly sells general security and information analysis services to commercial customers. But that's only part of the story, according to the computing giant.
DSIRF has been linked to the development and attempted sale of a malware toolset called Subzero, which enables customers to hack into their targets' computers, phones, network infrastructure and internet-connected devices, according to the analysis.
The aforementioned Microsoft and Adobe bugs in the tool set (detailed in a technical breakdown) have been seen in recent cyberattacks against targets in Austria, Panama, and the United Kingdom. In addition to publishing software updates to plug the holes on a regular basis, Microsoft has also published a Subzero malware signature for defense.
More action is needed on a broader level, given that DSIRF will not be the last PSOA to come to light, as Microsoft researchers explained in a brief sent to Congress on Wednesday.
"We are increasingly seeing PSOAs selling their tools to authoritarian governments that act inconsistently with the rule of law and human rights norms," according to the brief (PDF). "We welcome Congress's focus on the risks and abuses we all collectively face from the unscrupulous use of surveillance technologies and encourage regulation to limit their use both here in the United States and elsewhere around the world."
