When we hear that vulnerabilities in web browsers such as Chrome, Firefox, etc. have been exploited, most likely some of the best hackers of the moment come to mind. However, on this occasion, from Google they already suspect and have “probable links” that it is a Spanish company based in Barcelona.
Obviously, the American company has carried out an investigation to determine who or who had managed to use a set of hacking tools to exploit this series of vulnerabilities in your browser. And, according to the findings that Google has found, everything points to a Spanish company.
A Spanish commercial spyware
Once Google researchers had more than enough evidence to determine who was to blame for exploiting vulnerabilities in the Chrome web browser, as well as others like Firefox, they released all the details about the commercial vendor, based in Spain, called Variston. ITEM.
In said publication, everything that had been investigated is discussed and they even explain how, from the Spanish company, they had developed a commercial spyware, called Heliconia, capable of affecting Chrome.
Although, it could not only attack your browser, but they also found out that this spyware affects Windows Defender security tool as well. And all through Heliconia, since, according to TAG (Google’s Threat Analysis Group), “it provides all the necessary tools to deploy a payload to a target device.”
Although, if it were not for the information they received anonymously, alerting them to software errors and other details about Heliconia, it would have taken Google much longer to be able to investigate everything that happened and, above all, it would have taken longer to find the culprits and put a solution to this malware.
In addition, the anonymous submitter submitted three bugs in particular, each with instructions and most importantly of all, they included the source code. Also, note that they used unique names in reporting these bugs, such as “Heliconia Noise”, “Heliconia Soft”, and “Files”.
We have to do something?
The positive side of this is that the American company has waited to publish what happened once it was resolved and, above all, once they had already been able to patch all those vulnerabilities that they could take advantage of with this particular malware launching attacks of day zero.
For this reason, Google recommends us not to “navigate to dangerous sites or download dangerous files”. In this way, we can have a greater guarantee that we will have total protection against Heliconia and other exploits that hackers can use.
Finally, seeing how commercial spyware is expanding, especially that developed by companies such as the Spanish company on this occasion, from Google’s Threat Analysis Group they make it clear that “the growth of the spyware industry puts users and It makes the Internet less secure.”
