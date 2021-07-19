



Zero-Day Bug Attack: Google and Microsoft have released patches for two critical operating system vulnerabilities exploited by spyware reportedly sold to governments by Israeli developer Candiru.

Citizen Lab said in a report released earlier this week that Candiru's spyware (called DevilsTongue by Microsoft) can infect and monitor iPhones, Android smartphones, Macs, PCs and even cloud accounts. Microsoft calls Candiru Sourgum.

What is DevilsTongue? What does it do?

DevilsTongue is a spyware tool developed by a company called Candiru based in Tel Aviv, Israel. As Citizen Lab explains, Candiru is a mercenary spyware company that sells untraceable spyware to government customers. Their products include solutions for spying on computers, mobile devices and cloud accounts.

Under a 16 million project proposal, there is no limit on the number of spyware infection attempts, but only 10 devices can be monitored at a time. For an additional $1.5 million, customers can monitor 15 additional devices simultaneously and purchase the ability to infect devices in one additional country. Citizen Lab reports that for an additional $5.5 million, customers can simultaneously monitor 25 additional devices and spy in five more countries.

When the spyware infects a Windows PC, it steals files and exports all messages stored in the Windows version of the popular encrypted messaging app Signal, along with cookies from the Chrome, Internet Explorer, Firefox, Safari and Opera browsers. It also steals passwords.

According to Microsoft's analysis, the spyware can also send messages directly from the victim's computer using a logged-in email or social media account. This can allow malicious links and other messages to be sent directly from the compromised user's computer.

What is Microsoft doing?

To address this spyware, Microsoft has released security patches for two zero-day vulnerabilities, CVE-2021-31979 and CVE-2021-33771. These vulnerabilities were patched in a security update released on July 13, 2021.

"To limit these attacks, we focused on two actions. First, we built our own protection against malware created by Sourgum into our products and shared those protections with the security community," Microsoft said in a post. Next, Microsoft issued a software update that protects Windows customers from the exploits that Sourgum used to help deliver malware.

The company added that it has built protection against DevilsTongue into its security products and shared these protections with others in the security community so they can protect their customers.

What is Google saying?

In a separate report from its Threat Analysis Group (TAG), Google said it discovered zero-day bugs in Chrome and Internet Explorer used by the same company. The vulnerabilities are CVE-2021-21166 and CVE-2021-30551 in Chrome, CVE-2021-33742 in Internet Explorer, and CVE-2021-1879 in Safari WebKit. Thankfully, Apple, Google, and Microsoft have all released security updates to patch these bugs.

What should I do now?

If you haven't updated your device yet, it's a good idea to update your laptop, PC, tablet, or smartphone. Download the latest version of the security update available for your device.

