A Russian hacker group, known as APT29 or “Midnight Blizzard,” has been identified as exploiting vulnerabilities in both Chrome on Android and Safari’s WebKit on iOS. The attacks targeted the Mongolian government, stealing sensitive user data through watering hole attacks.
The hackers set up malware on official Mongolian websites that exploited vulnerabilities in Chrome and Safari, allowing them to steal passwords, cookies, and potentially even web-based email information from iPhones and iPads.
Google suspects that APT29 used commercially-available spyware for their attacks. The same patterns have been seen in the recent attacks as those of spyware developed by consortiums like NSO Group and Intellexa. These groups are known to target journalists, activist groups, and other authorities.
Both Google and Apple have issued patches to close the vulnerabilities, emphasizing the importance of keeping software up to date. To protect against these threats, it is essential to practice good cybersecurity hygiene, such as not reusing passwords, using a VPN, and avoiding suspicious links from emails and texts.
Source: https://www.androidpolice.com/google-russian-hackers-exploited-chrome-android/