Monthly Archives: May 2022

GSoC 2022 accepted Contributors announced!

May is here and we’re pleased to announce the Google Summer of Code (GSoC) Contributors for 2022. Our 196 mentoring organizations have spent the last few weeks making the difficult decisions on which applicants they will be mentoring this year as GSoC Contributors


Some notable results from this year’s application period
  • Over 4,000 applicants from 96 countries
  • 5,155 proposals submitted
  • 1,209 GSoC contributors accepted from 62 countries
  • 1,882 mentors and organization administrators
For the next few weeks our GSoC 2022 Contributors will be actively engaging with their new open source community and learning the ins and outs of how their new community works. Mentors will help guide them through the documentation and processes the community uses as well as helping the GSoC Contributors with planning their milestones and projects for the summer. This Community Bonding period helps familiarize the GSoC Contributors with the languages and tools they will need to successfully complete their projects. Coding begins June 13th and for most folks will wrap up September 5th, however this year GSoC Contributors can request a longer coding period wrapping up their projects by mid November.

Thank you to all the applicants who reached out to our mentoring organizations to learn more about the work they do and for the time they spent crafting their project proposals. We hope you all learned more about open source and maybe even found a community you want to contribute to even outside of GSoC. Staying connected with the community or reaching out to other organizations is a great way to set the stage for future opportunities. Open source communities are always looking for new, excited contributors to bring fresh perspectives and ideas to the table. We hope you connect with an open source community or apply to a future GSoC.

There are many changes to this 18th year of GSoC and we are excited to see how our GSoC Contributors and mentoring organizations take advantage of these adjustments. A big thank you to all our mentors and organization administrators who make this program so special.

GSoC Contributors—have fun this summer and keep learning! Your mentors and community members have dozens and in some cases, hundreds of years of experience, let them share their knowledge with you and help you become awesome open source contributors!

By Stephanie Taylor, Google Open Source

Enjoy a warm cup of trends for International Tea Day

From bubble tea to tea ceremonies, tea has deep roots and profound cultural significance across Asia[7213a8]. Just ahead of the United Nations’ International Tea Day on Saturday, May 21, we looked at trends on Google Search around the world and found bags of insights into what the world is searching for when it comes to this brew-tea-full beverage.

Worldwide populari-tea

Assam, green or bubble: tea is the world’s most-consumed drink apart from water, so even if Earl Grey isn’t your thing, there's most likely a brew out there that fits you to a T. But which types of tea are the most popular?

  1. Bubble tea
  2. Green tea
  3. Matcha
  4. Black tea
  5. Milk tea
  6. Kombucha
  7. Masala chai
  8. Iced tea
  9. Hibiscus tea
  10. Ginger tea

Worldwide top-searched types of tea, past 12 months. Source: Google Trends.

Green tea used to be the most popular type of tea on Search — until last year, when bubble tea bubbled up to become the most-searched type of tea around the world. The rise has been remarkable, with search interest for bubble tea more than tripling in the last five years, an increase of +220% worldwide. We’ve seen a similar trend with matcha; the beverage is now the world’s third most popular type of tea after search interest went up by +70% in the last five years.

Trends chart showing the rise in searches for bubble tea, green tea, and matcha trends on Google Search, worldwide 2004-present.

Bubble tea, green tea, and matcha trends on Google Search, worldwide 2004-present. Source: Google Trends.

None of this can take away from green tea’s impressive run at the top of the most-searched tea rankings since 2004 (when Google Trends data started). Matcha — the second most searched type of tea worldwide in the past 18 years — is no match(a) for green tea, which has been searched twice as much. In four of the five areas in Asia-Pacific that search for tea the most, green tea was the most-searched type, except in Taiwan, where black tea was most popular, followed by matcha, then green tea.

Versatilit-tea: tea recipes

Perhaps what makes tea so popular is that there are so many different ways to make it. The trend for tea recipes — adding ingredients like honey, lemon or ginger into the pot — is huge in Asia-Pacific, with half of the 10 countries or regions that have searched most for tea recipes over the past 12 months coming from the region.

  1. Vietnam
  2. Taiwan
  3. Hong Kong
  4. Singapore
  5. Latvia
  6. Brazil
  7. Mexico
  8. Honduras
  9. Japan
  10. Panama

Top 10 countries / regions searching for tea recipes, past 12 months. Source: Google Trends.

Trends chart showing tea recipe trends from the past twelve months on Google Search, in Vietnam, Taiwan, Hong Kong, Singapore.

Tea recipe trends from the past twelve months on Google Search, in Vietnam, Taiwan, Hong Kong, Singapore. Source: Google Trends.

As a personal side note, as someone born in the U.K., I thought the British were obsessed with tea, but search interest for tea in Vietnam was +20% higher than my home country in the last 12 months, and Taiwan searched 2.3x more for tea than the U.K. (+130%). Hong Kong’s and Thailand’s level of search interest was +80% and +60% higher, too, respectively.

Those were just a few trends we spotted, and you can of course use the free Google Trends tool to find your own. But however you take your tea, or your trends, we hope you take oolong time this International Tea Day to enjoy it.

Chrome Dev for Android Update

Hi everyone! We've just released Chrome Dev 103 (103.0.5060.13) for Android. It's now available on Google Play.

You can see a partial list of the changes in the Git log. For details on new features, check out the Chromium blog, and for details on web platform updates, check here.

If you find a new issue, please let us know by filing a bug.

Krishna Govind
Google Chrome

New banners in Google Chat protect against malicious links

Quick summary 

In Google Chat, you’ll see banners warning against potential phishing and malware messages coming from users with personal Google Accounts. These warning banners, which are already available in Gmail and Google Drive, help protect users against malicious actors, keeping data safe. 





Additional details 

In Gmail, warning banners are displayed when responding to emails sent from outside of your organization. Now, Android warning banners are also displayed as you add new external recipients. Admins can turn these specific warning labels on or off for their organization


Getting started 


Rollout pace 


Availability 

  • Available to all Google Workspace customers, as well as legacy G Suite Basic and Business customers 
  • Available to users with personal Google Accounts 

Resources 

Use Connected Sheets with VPC-SC protected data, improved Cloud Audit Logs for Connected Sheets events

What’s changing 

BigQuery datasets that are behind a perimeter created by VPC Service Controls can now be accessed using Connected Sheets


We’ve also made improvements to the Connected Sheets logging in the Cloud Audit Logs. See the “Additional details” section below for more information. 


Who’s impacted 

Admins and end users 



Why you’d use it 

This change gives VPC Service Controls Admins and Editors the ability to allow members of your organization to access, collaborate on, and generate insights from VPC Service Controls protected data via Connected Sheets. 



Additional details 

By default, Connected Sheets cannot access BigQuery data that is protected by VPC Service Controls; however, VPC Service Controls perimeters can now be configured to allow queries issued through Connected Sheets to succeed. This configuration can only be changed by VPC Service Controls Admins and Editors. 



Improved Connected Sheets logging 
Whenever BigQuery data is accessed in Connected Sheets, entries are recorded for who accessed the data and when in Cloud Audit Logs


Now, the Cloud Audit Logs will additionally include the ID of the spreadsheet that generates the BigQuery data access. Every spreadsheet has a unique ID containing letters, numbers, hyphens, or underscores, which can be found in the Google Sheets URL. Use this documentation to learn more about where to find this additional information in the Cloud Audit Logs. 


Getting started 


Rollout pace 


Availability 

  • Available to all Google Workspace customers Available to users with personal Google Accounts 
  • Not available to legacy G Suite Basic and Business customers

Resources 

Dev Channel Update for Desktop

 The Dev channel has been updated to 103.0.5060.13 for Windows, Mac and Linux.

A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Prudhvikumar Bommana

Google Chrome

Finding courage and inspiration in the developer community

Posted by Monika Janota

How do we empower women in tech and equip them with the skills to help them become true leaders? One way is learning from others' successes and failures. Web GDEs—Debbie O'Brien, Julia Miocene, and Glafira Zhur—discuss the value of one to one mentoring and the impact it has made on their own professional and personal development.

A 2019 study showed that only 25% of keynote speakers at tech events are women, meanwhile 70% of female speakers mentioned being the only woman on a conference panel. One way of changing that is by running programs and workshops with the aim of empowering women and providing them with the relevant soft skills training, including public speaking, content creation, and leadership. Among such programs are the Women Developer Academy (WDA) and the Road to GDE, both run by Google's developer communities.

With more than 1000 graduates around the world, WDA is a program run by Women Techmakers for professional IT practitioners. To equip women in tech with speaking and presentation skills, along with confidence and courage, training sessions, workshops, and mentoring meetings are organized. Road to GDE, on the other hand, is a three-month mentoring program created to support people from historically underrepresented groups in tech on their path to becoming experts. What makes both programs special is the fact that they're based on a unique connection between mentor and mentee, direct knowledge sharing, and an individualized approach.

Photo of Julia Miocene speaking at a conference Julia Miocene

Some Web GDE community members have had a chance to be part of the mentoring programs for women as both mentors and mentees. Frontend developers Julia Miocene and Glafira Zhur are relatively new to the GDE program. They became Google Developers Experts in October 2021 and January 2022 respectively, after graduating from the first edition of both the Women Developer Academy and the Road to GDE; whilst Debbie O'Brien has been a member of the community and an active mentor for both programs for several years. They have all shared their experiences with the programs in order to encourage other women in tech to believe in themselves, take a chance, and to become true leaders.

Different paths, one goal

Although all three share an interest in frontend development, each has followed a very different path. Glafira Zhur, now a team leader with 12 years of professional experience, originally planned to become a musician, but decided to follow her other passion instead. A technology fan thanks to her father, she was able to reinstall Windows at the age of 11. Julia Miocene, after more than ten years in product design, was really passionate about CSS. She became a GDE because she wanted to work with Chrome and DevTools. Debbie is a Developer Advocate working in the frontend area, with a strong passion for user experience and performance. For her, mentoring is a way of giving back to the community, helping other people achieve their dreams, and become the programmers they want to be. At one point while learning JavaScript, she was so discouraged she wanted to give it up, but her mentor convinced her she could be successful. Now she's returning the favor.

Photo of Debbie O'Brien and another woman in a room smiling at the camera

Debbie O'Brien

As GDEs, Debbie, Glafira, and Julia all mention that the most valuable part of becoming experts is the chance to meet people with similar interests in technology, to network, and to provide early feedback for the web team. Mentoring, on the other hand, enables them to create, it boosts their confidence and empowers them to share their skills and knowledge—regardless of whether they're a mentor or a mentee.

Sharing knowledge

A huge part of being a mentee in Google's programs is learning how to share knowledge with other developers and help them in the most effective way. Many WDA and Road to GDE participants become mentors themselves. According to Julia, it's important to remember that a mentor is not a teacher—they are much more. The aim of mentoring, she says, is to create something together, whether it's an idea, a lasting connection, a piece of knowledge, or a plan for the future.

Glafira mentioned that she learned to perceive social media in a new way—as a hub for sharing knowledge, no matter how small the piece of advice might seem. It's because, she says, even the shortest Tweet may help someone who's stuck on a technical issue that they might not be able to resolve without such content being available online. Every piece of knowledge is valuable. Glafira adds that, "Social media is now my tool, I can use it to inspire people, invite them to join the activities I organize. It's not only about sharing rough knowledge, but also my energy."

Working with mentors who have successfully built an audience for their own channels allows the participants to learn more about the technical aspects of content creation—how to choose topics that might be interesting for readers, set up the lighting in the studio, or prepare an engaging conference speech.

Learning while teaching

From the other side of the mentor—mentee relationship, Debbie O'Brien says the best thing about mentoring is seeing the mentees grow and succeed: "We see in them something they can't see in themselves, we believe in them, and help guide them to achieve their goals. The funny thing is that sometimes the advice we give them is also useful for ourselves, so as mentors we end up learning a lot from the experience too."

TV screenin a room showing and image od Glafira Zhur

Glafira Zhur

Both Glafira and Julia state that they're willing to mentor other women on their way to success. Asked what is the most important learning from a mentorship program, they mention confidence—believing in yourself is something they want for every female developer out there.

Growing as a part of the community

Both Glafira and Julia mentioned that during the programs they met many inspiring people from their local developer communities. Being able to ask others for help, share insights and doubts, and get feedback was a valuable lesson for both women.

Mentors may become role models for the programs' participants. Julia mentioned how important it was for her to see someone else succeed and follow in their footsteps, to map out exactly where you want to be professionally, and how you can get there. This means learning not just from someone else's failures, but also from their victories and achievements.

Networking within the developer community is also a great opportunity to grow your audience by visiting other contributors' podcasts and YouTube channels. Glafira recalls that during the Academy, she received multiple invites and had an opportunity to share her knowledge on different channels.

Overall, what's even more important than growing your audience is finding your own voice. As Debbie states: "We need more women speaking at conferences, sharing knowledge online, and being part of the community. So I encourage you all to be brave and follow your dreams. I believe in you, so now it's time to start believing in yourself."

Belonging at Google in Europe, the Middle East and Africa

Building for everyone requires vision, and constant revision. Every product we create requires continually trying new things, examining data and learning from both our successes and failures to do better every day. Our work on Diversity, Equity and Inclusion (DEI) is no different. Google first published its Diversity Annual Report in 2014 and since then we’ve built on what we’ve learned to increasingly make Google a place that is truly for everyone. Last year, for the first time, the data in the report was broken down across Google’s business regions. With this year’s report we now have the opportunity to report on progress for the business region that encompasses Europe, the Middle East and Africa which we call EMEA.

I’ve led Google’s DEI programs in EMEA since 2019. I’m often asked what DEI looks like in such a diverse region. How can one approach work from Paris to Lagos and from Milan to Tel Aviv? It’s not simple, but we are committed to finding ways to make progress. Each country has different rules governing what data we can collect and what policies are permissible. Our DEI data isn’t perfect, but it’s essential for us to measure our progress as it helps keep us honest about where we are at and where we want to be.

Representation of women in EMEA

The data shows that we have increased the overall representation of women in our workforce from 32.7% to 33.8%. That might sound small, but in an organization the size of Google in EMEA (over 25,000 employees and interns) this represents a significant shift.

We continue to make progress in the hiring of women in EMEA with an overall increase of 14%. Specifically, women made up 28% of our tech hires, 49.2% of our non-tech hires and 47.1% of our Leadership hires. This is an increase year on year of 27% for non-tech and 64% for leadership hires with tech hires staying the same.

Our focus on increasing representation of women in leadership roles across EMEA is showing promising results. We saw a significant gain of 10% in the representation of women in leadership roles which now stands at 29.7%. It’s good to see progress, but there is more to do here.

We know efforts to develop talent from under-represented groups need to start early. We have amplified our efforts to support gender equity in a number of countries in Africa, sponsoring and providing content for the Our Girls, Our Future conference for young women interested in the tech industry. Across Sub-Saharan Africa, we partnered with the Graca Machel Trust to provide digital skills training for more than 5,000 women entrepreneurs.

We also grew Mind the Gap, an initiative we started in Israel in 2008 that encourages women and girls to pursue STEM careers. Mind the Gap transitioned to a virtual platform at the beginning of the pandemic. In 2021, the program reached more than 60,000 students in Israel and expanded to Romania and Ghana.

Racial equity in EMEA

Last year, for the first time, we were able to report race data for our business region in the Diversity Annual Report, thanks to almost three quarters of Googlers in EMEA voluntarily providing this information.

We see White+* continue to account for the highest representation in EMEA (78.1% versus 80.4% last year). Representation of Asian+* Googlers shows the largest increase (from 10.9% to 12.1%), followed by MENA+* (from 7.3% to 7.8%), Black+* (from 2.8% to 3.2%), Latinx+ (from 3.8% to 3.9%) and Indigenous+ (no change at 0.3%).

Where we need to make better progress is in the speed at which things are changing. For example, there has been an increase in representation of MENA+ leaders (from 4.5% to 5.8%) and an increase in representation of Black+ leaders (from 3.3% to 3.8%) across EMEA - but we need to see more progress here. And representation for all racial categories except Black+ and White+ are lower in leadership than in the overall population.

Growing leadership is one of the key planks of our racial equity plans in EMEA. Here’s how we’re focusing our efforts:

  • In recruiting: In 2021, we set an aspiration to double the number of Black+ directors by 2023. Additionally, we aim to drive Black+ representation at all levels across our talent engagement, outreach initiatives and inclusive hiring commitments.
  • Baseline data: Where legally permissible, we have started to collect application data to help understand the representation of our candidates.
  • Nurturing talent: We relaunched Elevate+, a six-month-long EMEA specific program that offers one-on-one mentorship and coaching to Black+ employees. To date, nearly 200 Googlers have participated in this program.
  • Educating majority groups: We continue to engage Googlers through comprehensive anti-racism and racial equity education, such as trainings and our speaker series on racial justice. We also have a thriving community of allyship groups across EMEA.

It’s not just about supporting racial equity in our workforce — it’s also important to support the wider community. Black founders in EMEA received $63 million in ‘follow-on’ funding after they participated in our Black Founders Fund, with 95% of participants reporting a positive impact on their startup’s ability to fundraise. We announced a second fund earlier this year.

Disability in EMEA

Our recruiting teams and local HR teams work closely with our Disability Alliance group to progress our commitments to communities with disabilities, ensuring that our hiring process is accessible and our culture and managers are prepared to support and lead Googlers with disabilities.

Our talent engagement team in EMEA hosted its first ever Disability Conference (DisCo for short) for nearly 2000 students, new graduates and industry professionals with disabilities. The conference created a space for people with disabilities and allies to connect and engage with each other and Google.

We’re also fostering new connections with disability communities around the globe. Last year, our London, Dublin, Munich, Zurich, Wroclaw and Nairobi offices celebrated #PurpleLightUp, a global campaign that celebrates every employee with a disability around the world. Leaders from each office also held conversations with our employee resource group (ERG) for Googlers with disabilities.

LGBTQ+ representation in EMEA

We have incredibly active Pride and Trans employee resource groups at Google. These groups play a critical role in promoting belonging and inclusion within the LGBTQ+ community - from creating thoughtful programming for Trans Awareness week to leading Pride events activations across 26 countries, from Poland to South Africa.

Google is also a founding member of We Are Open, an alliance of businesses and other organizations in Hungary that promotes diversity and inclusion at the workplace, focusing on LGBTQ+ inclusion. In line with Google’s vision to be helpful for all, including our LGBTQ+ communities and its allies, we were excited to partner with Open for Business in creating a report on LGBTQ+ inclusion in Central and Eastern Europe that was released last year.

In addition, to aid small business recovery during the pandemic, we launched a global campaign to help support and celebrate LGBTQ+ friendly spaces - from a LGBTQ+ bookstore in Sweden, to Rainbow Square in Copenhagen. Google also officially supported the Ja Für Alle campaign in the referendum for Equal Marriage rights in Switzerland.

In conclusion

It’s up to every one of us to contribute to building a more inclusive, equitable, and representative workplace, region and world where everyone feels they belong. We have a responsibility to relentlessly represent and support the rich diversity of talent in our region and to make Google a place where everyone can thrive. This work is not a one-off effort. It requires thoughtful and committed, ongoing systemic action. Only by committing to doing this work together can we make meaningful and long lasting change.

If you’d like to find out more, please take a look at this year’s Diversity Annual Report.

Protecting Android users from 0-Day attacks

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

This blog is a follow up to our July 2021 post on four 0-day vulnerabilities we discovered in 2021, and details campaigns targeting Android users with five distinct 0-day vulnerabilities:

We assess with high confidence that these exploits were packaged by a single commercial surveillance company, Cytrox, and sold to different government-backed actors who used them in at least the three campaigns discussed below. Consistent with findings from CitizenLab, we assess government-backed actors purchasing these exploits are located (at least) in Egypt, Armenia, Greece, Madagascar, Côte d’Ivoire, Serbia, Spain and Indonesia.

The 0-day exploits were used alongside n-day exploits as the developers took advantage of the time difference between when some critical bugs were patched but not flagged as security issues and when these patches were fully deployed across the Android ecosystem. Our findings underscore the extent to which commercial surveillance vendors have proliferated capabilities historically only used by governments with the technical expertise to develop and operationalize exploits.

Seven of the nine 0-days TAG discovered in 2021 fall into this category: developed by commercial providers and sold to and used by government-backed actors. TAG is actively tracking more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors.

Campaign Deep Dives

All three campaigns delivered one-time links mimicking URL shortener services to the targeted Android users via email. The campaigns were limited — in each case, we assess the number of targets was in the tens of users. Once clicked, the link redirected the target to an attacker-owned domain that delivered the exploits before redirecting the browser to a legitimate website. If the link was not active, the user was redirected directly to a legitimate website. We've seen this technique used against journalists and other unidentified targets, and alerted those users when possible.

We assess that these campaigns delivered ALIEN, a simple Android malware in charge of loading PREDATOR, an Android implant described by CitizenLab in December 2021. ALIEN lives inside multiple privileged processes and receives commands from PREDATOR over IPC. These commands include recording audio, adding CA certificates, and hiding apps.

Campaign #1 - redirecting to SBrowser from Chrome (CVE-2021-38000)

The first campaign, detected in August 2021, used Chrome on a Samsung Galaxy S21 and the web server immediately replied with a HTTP redirect (302) pointing to the following intent URL. This URL abused a logic flaw and forced Chrome to load another URL in the Samsung Browser without user interaction or warnings.

We did not capture the subsequent stages, but assess the attackers did not have exploits for the current version of Chrome (91.0.4472) at that time, but instead used n-day exploits targeting Samsung Browser, which was running an older and vulnerable version of Chromium.

We assess with high confidence this vulnerability was sold by an exploit broker and probably abused by more than one surveillance vendor.

More technical details about this vulnerability are available in this RCA by Maddie Stone.

hash

Related IOCs

  • s.bit-li[.]com - landing page
  • getupdatesnow[.]xyz - exploit delivery server

Campaign #2 - Chrome sandbox escape (CVE-2021-37973, CVE-2021-37976)

In September 2021, TAG detected a campaign where the exploit chain was delivered to a fully up-to-date Samsung Galaxy S10 running the latest version of Chrome. We recovered the exploit used to escape the Chrome Sandbox, but not the initial RCE exploit.

The sandbox escape was loaded directly as an ELF binary embedding libchrome.so and a custom libmojo_bridge.so was used to ease the communication with the Mojo IPCs. This means the renderer exploit did not enable MojoJS bindings like we often see in public exploits.

Analysis of the exploit identified two different vulnerabilities in Chrome:

  • CVE-2021-37973: A use-after-free in the handling of Portals API and Fenced subframes.
  • CVE-2021-37976: An information leak in memory_instrumentation.mojom.Coordinator where Global Memory Dumps can be acquired for privileged processes. These dumps include sensitive information (addresses) which can be used for ASLR bypass.

After escaping the sandbox, the exploit downloaded another exploit in /data/data/com.android.chrome/p.so to elevate privileges and install the implant. We haven’t retrieved a copy of the exploit.

Related IOCs

  • shorten[.]fi - landing page
  • contents-domain[.]com - exploit delivery and C2 server

Campaign #3 - Full Android 0-day exploit chain (CVE-2021-38003, CVE-2021-1048)

In October 2021, we detected a full chain exploit from an up-to-date Samsung phone running the latest version of Chrome.

The chain included two 0-day exploits:

  • CVE-2021-38003: A Chrome renderer 0-day in JSON.stringify allowing the attacker to leak TheHole value and fully compromise the renderer.
  • CVE-2021-1048: Unlike the previous campaign, the sandbox escape used a Linux kernel bug in the epoll() system call. This system call is reachable from the BPF sandbox and allows the attacker to escape the sandbox and compromise the system by injecting code into privileged processes. More information can be found in this RCA by Jann Horn.

Of note, CVE-2021-1048 was fixed in the Linux kernel in September 2020, over a year before this campaign. The commit was not flagged as a security issue and therefore the patch was not backported in most Android kernels. At the time of the exploit, all Samsung kernels were vulnerable; LTS kernels running on Pixel phones were recent enough and included the fix for this bug. Unfortunately, this is not the first time we have seen this happen with exploits in the wild; the 2019 Bad Binder vulnerability is another example. In both cases, the fix was not flagged as a security issue and thus not backported to all (or any) Android kernels. Attackers are actively looking for and profiting from such slowly-fixed vulnerabilities.

sample image

Related IOCs

  • shorten[.]fi - landing page
  • redirecting[.]page - exploit delivery and C2 server
  • 8e4edb1e07ebb86784f65dccb14ab71dfd72f2be1203765b85461e65b7ed69c6 - ALIEN

Conclusion

We’d be remiss if we did not acknowledge the quick response and patching of these vulnerabilities by Google’s Chrome and Android teams. We would also like to thank Project Zero for their technical assistance in helping analyze these bugs. TAG continues to track more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors. We remain committed to updating the community as we uncover these campaigns.

Tackling the harmful practices of the commercial surveillance industry will require a robust, comprehensive approach that includes cooperation among threat intelligence teams, network defenders, academic researchers and technology platforms. We look forward to continuing our work in this space and advancing the safety and security of our users around the world.