Zero-Day Exploits Up 50% in 2023: Google Warns
A recent report by Google’s cyber experts found that the exploitation of zero-day vulnerabilities surged by 50% in 2023, reaching a total of 97 incidents, up from 62 in the previous year.
Zero-day vulnerabilities pose a grave threat to security, enabling attackers to breach networks and devices long before developers can identify and fix the flaw in their products.
Of the 97 zero-day vulnerabilities examined, the attackers' motives were determined in 58 instances. Forty-eight of these were linked to cyberespionage activities, while the remaining ten were attributed to financially motivated hacking groups.
The report highlights the particular activity of the FIN11 group, along with four malware groups: Nokoyawa, Akira, LockBit, and Magniber, which exploited vulnerabilities to conduct extensive cyberattacks.
Special attention is given to breaches associated with Chinese hackers and the European group Winter Vivern, pointing to their growing sophistication in exploiting zero-day vulnerabilities.
The study also notes attackers' increased interest in enterprise technologies, including security mechanisms and software, because of the extended access and high level of privileges these products offer.
Researchers express significant concern over the role of commercial spyware vendors in exploiting such vulnerabilities: Google attributes 75% of the known zero-day vulnerabilities used against Google products and Android-based devices to such commercial entities.
The report also discusses browser security issues, highlighting vulnerabilities in third-party components as a significant threat in 2023. For example, the same vulnerability, CVE-2023-41064, impacted Safari, Firefox, and even the Android operating system, according to the researchers.
Google warns that the trend of increased exploitation of zero-day vulnerabilities is likely to continue, given the intensified investment by hackers in discovering new vulnerabilities.
Experts also note that some measures to counteract malicious exploitation, such as Google’s MiraclePtr and Apple’s Lockdown mode, are quite effective and genuinely prevent the use of many exploit chains.