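2025-05-28 21:29 Source: this site
Google has confirmed that it has patched a serious security vulnerability in its Chrome web browser that allowed malicious actors to spy on people and potentially take over their devices.
In a blog post, Adam Weidemann of Google's Threat Analysis Group said the flaw was being used in the wild as early as January 4 by two separate cybercriminal entities.
The two groups are known as Operation Dream Job and Operation AppleJeus, and both are said to have close ties to the North Korean government.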
Cleaning out the clues
According to Google, the two groups were using the same vulnerability, but their approaches, as well as their targets, differed. The company says that while Operation Dream Job targeted individuals working at major news organizations, domain registrars, hosting providers, and software vendors, Operation AppleJeus targeted people in the cryptocurrency and fintech businesses.
Their methods were different, as well. The former assumed the identities of recruiters, sending fake inquiries for vacant job positions at Google, Oracle, or Disney, and distributing links to websites that imitated Indeed, ZipRecruiter, or DisneyCareers.
These sites were loaded with a hidden iframe which would exploit the flaw and allow for remote code execution.
The latter, on the other hand, also created fake websites, but it was additionally compromising legitimate ones and installing the weaponized iframes on them.
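For owners of legitimate sites, the injected hidden iframes described above are something that can be audited for. The following is an added example, not code from Google or from the original article: a Python check that flags iframes which are both hidden and loaded from a host other than the page's own. The function names, the hiding heuristics and the `.example` hosts are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse
# Inline styles that keep an iframe out of view (heuristic, not exhaustive).
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?:\.0+)?\s*(?:;|$)"
    r"|(?<![-\w])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)

# Records iframes that are hidden AND loaded from a host other than the page's.
class IframeAuditor(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlparse(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "").strip() for k, v in attrs}
        reasons = []
        if "hidden" in a:
            reasons.append("hidden attribute")
        if a.get("width") in ("0", "1") or a.get("height") in ("0", "1"):
            reasons.append("0/1 px size attribute")
        if HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hiding inline style")
        src = urljoin(self.page_url, a.get("src", ""))  # resolve relative and //host URLs
        host = urlparse(src).hostname
        if reasons and host and host != self.page_host:
            self.findings.append({"line": self.getpos()[0], "src": src, "reasons": reasons})

def audit_html(html, page_url):
    auditor = IframeAuditor(page_url)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample page; every host is a reserved .example name.
SAMPLE = """<html><body>
<iframe src="https://video.partner.example/embed/1" width="560" height="315"></iframe>
<iframe src="/widgets/apply.html" style="display:none"></iframe>
<iframe src="https://cdn.unknown.example/x" style="width:1px; height:1px; opacity:0"></iframe>
<iframe src="//stats.unknown.example/p" hidden></iframe>
</body></html>"""

if __name__ == "__main__":
    for f in audit_html(SAMPLE, "https://jobs.corp.example/careers"):
        print(f"line {f['line']}: {f['src']} ({', '.join(f['reasons'])})")
```

Google's report says the iframes were served only at specific times, so one clean scan does not clear a site; run the audit against repeated fetches of the same pages.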
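The researchers also said that the groups were adept at hiding their tracks once the job was done. If they succeeded in executing code remotely, they would seek further access to the target endpoint, and then try to remove all traces of their presence.
"Careful to protect their exploits, the attackers deployed multiple safeguards to make it difficult for security teams to recover any of the stages," Weidemann wrote.
Google said the attackers would serve the iframes "only at specific times," and victims would receive unique links that would expire once activated. Each step of the attack was encrypted with the AES algorithm, and if one of the steps failed, the whole operation would stop.
The vulnerability was patched on February 14.
Via: The Register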