Spyware Group Candiru exploits Chrome Zero-Day to Target Middle East

Threat Level
Attack Report

Summary

Candiru (Saito Tech) spyware used the recently fixed Chrome zero-day CVE-2022-2294 in attacks on journalists, a substantial portion of which took place in Lebanon. The vulnerability is a heap-based buffer overflow in WebRTC, and successful exploitation may result in code execution on the targeted device.