“Our research underscores the extent to which exploits first developed by the commercial surveillance industry are proliferated to dangerous threat actors.”
“We assess with moderate confidence the campaigns [an iOS WebKit exploit and a Chrome exploit] are linked to the Russian government-backed actor APT29. In each iteration of the watering hole campaigns, the attackers used exploits that were identical or strikingly similar to exploits previously used by commercial surveillance vendors (CSVs) Intellexa and NSO Group.”
“Watering hole attacks remain a threat where sophisticated exploits can be utilized to target those that visit sites regularly, including on mobile devices. Watering holes can still be an effective avenue for n-day exploits by mass targeting a population that might still run unpatched browsers.”
“Although the trend in the mobile space is towards complex full exploit chains, the iOS campaign is a good reminder of the fact that a single vulnerability can inflict harm and be successful.”