A set of hacking tools that exploited vulnerabilities in Chrome and Firefox web browsers has "likely ties” to a company based in Barcelona, Spain, according to findings published Wednesday by Alphabet Inc’s Google.
Google’s Threat Analysis Group, a cybersecurity unit, said in a blog post that the hacking tools, named Heliconia, are likely tied to the Spanish company Variston IT. In addition to exploiting flaws in Chrome and Firefox browsers, the tools could also target vulnerabilities in Microsoft Corp’s security product Defender, according to Google. Heliconia "provides all the tools necessary to deploy a payload to a target device,” Google said.
The flaws have been fixed, but Google researchers believe they were exploited by hackers before they were patched.
In an emailed statement, Variston declined to discuss specific products or customers. Variston works within "the relevant international and national legal framework,” said Ralf Wegener, director at Variston.
An anonymous tipster flagged three software bugs and other details about Heliconia to Google, enabling the company to further investigate, the Threat Analysis Group said.
Google in June said it had been tracking more than 30 firms with "varying levels of sophistication and public exposure” that sold software exploits or surveillance capabilities. The Threat Analysis Group’s research "has shown the proliferation of commercial spyware and the extent to which commercial spyware vendors have developed capabilities that were previously only available to governments with deep pockets and technical expertise,” the company said in a blog post. – Bloomberg