Spyware Group Candiru Exploits Chrome Zero-Day to Target Middle East
Attack Report
Summary
Candiru (Saito Tech) spyware used the recently fixed Chrome zero-day CVE-2022-2294 in attacks on journalists, a substantial portion of which took place in Lebanon. The vulnerability is a heap-based buffer overflow in WebRTC. Successful exploitation may result in code execution on the targeted device.