Chinese Hackers Increase Zero-day Hacks

Tech Vulnerabilities Increase Attacks

Technology devices such as phones, laptops, ipads, baby monitors, and other types of cool gadgets entertain us daily, they have also streamlined our jobs and changed our world for the better. However, while these awesome devices have made our lives much easier, oftentimes there are unplugged loopholes in these same new era devices that have robbed us of our sacred privacy.

With the advance of technology comes a myriad of troubles, where discrepancies found in tech devices have left consumers vulnerable to dark web criminals. And with thousands of vulnerabilities found in tech gadgets, each year, they have become the most lucrative gateway for hackers to invade our private space.

According to new revelations from cyber security analysts, zero-day vulnerabilities have now become most dark web hackers’ manipulation portals. Targeting these loopholes is a rising trend amongst hacking groups that lurks on the dark web. Cyber security analyses have shown that Chinese hackers employed the majority of hacking attacks throughout the last year.

Zero-day security flaws are unpatched vulnerabilities in software that are somewhat unidentified, or have never been addressed at the end of the incubation period. Hackers are extremely interested in zero-day revelations because they all have a longer exploitation window until the manufacturers resolve the weaknesses.

The period to identify and implement the necessary fix gives hackers enough time to carry out their hack, especially with bonus time with consumers slowly implementing the updated information. This additional time frame typically lasts at least a few extra days, or even weeks. And because not all administrators implement security updates instantaneously, the proportion of likely targets continues to highly benefit criminal hackers.

Zero-day Hacks in 2021

According to an analysis furnished by cybersecurity firm Mandiant, there have been 80 cases of zero-day exploits in the wild last year. It shows that hackers have increased their hacking campaigns with 18 more incidents recorded than in 2020, and the previous year 2019. The rising trajectory features a majority of these hacks have been attributed to government state-sponsored cyber-espionage operational processes. However, the investigation revealed that one out of every three malicious hackers exploiting zero-day security flaws was profit driven, continuing a trend that began in previous years.

China leads the list of threat actors, with eight zero-day exploits used throughout cyber intrusions in 2021, followed by Russia with two, as well as North Korea with a single hack. The most prominent example was Hafnium, a Chinese government hacking group that exploited four zero-day security holes on Microsoft Exchange servers to gain access to Western businesses’ official emails.

Mandiant also observed an increase in ransomware operatives trying to exploit zero-day vulnerabilities to breach networks and distribute their file-encrypting payloads.

HelloKitty ransomware operators also were a prominent example of this occurrence, as they victimized a zero-day bug in SonicWall SMA 100 VPN equipment.

Microsoft, Apple, and Google were the most specific targeted vendors in the 2021 zero-day attacks, accounting for more than 75% of all hacking incidents perpetrated by dark web hacking groups.

According to a report from BleepingComputer, the amount of smartphone OS zero-day dark web hacks designed to target Android and iOS is also on the rise, increasing from less than five in 2019 and 2020 to 17 in 2021.

Stronger 2022 Zero-day Hacks

Analytical cyber attack reports show that from 2019 through 2021 zero-day hacking exploitation continues to set a new high, and current evidence would suggest that it will be even worse for 2022, as more hacking groups set to target zero-day vulnerabilities.

Significantly, zero-day exploitation campaigns are becoming more accessible to a broader range of state-sponsored threat actors. Mostly as a result of the prevalence of more equipped hacking tools that can create even more powerful ransomware, which are built for more intrusive customized hacking exploits.

Google’s Project Zero team had emphasized that only two of the 58 new zero-days Project Zero divulged in 2021 demonstrated technical quality and uniqueness. However, the increase in zero-day exploitation is that dark web hackers’ awareness, and identification process by manufacturers have boosted hacking activity or attack variability.