Tech giant, Google has issued an alert to users of its Chrome browser, Firefox browser and Microsoft Defender security software of the presence of a spyware called Heliconia. The discovery was made by Google’s Threat Analysis Group (TAG) which confirmed that its researchers had discovered the commercial spyware that is specifically designed to exploit vulnerabilities in Chrome and Firefox browsers.
Google’s researchers said the spyware attack was revealed after they spotted an anonymous Chrome bug report that included instructions and source code with the names “Heliconia Noise,” “Heliconia Soft” and “Files.”
According to a report by The Register, the three components of the spyware, perform the different functions which have been described below:
The web framework, Heliconia Noise is used for deploying an exploit for a Chrome renderer bug followed by a sandbox escape; the second web framework, Heliconia Soft deploys a PDF containing a Windows Defender exploit while the third component, Files is a set of Firefox exploits for Linux and Windows OS systems.
According to TAG, the vulnerabilities being targeted in the report were fixed by Google, Microsoft, and Mozilla in 2021 and early 2022.
According to Google, TAG’s research has continually revealed the proliferation of commercial surveillance and how commercial spyware vendors have improved their crafts and also, developed capabilities that have only been made available to governments with ‘deep pockets’ and ‘technical expertise’.
Google has also confirmed its awareness of how much the spyware industry has grown over the years thereby putting users at risk while also jeopardizing the safety of the internet.
Google and its group of researchers, the Threat Analysis Group have threatened to wage war against such abuses which it says ‘represent a serious risk to online safety’ and to continue taking action against, and publishing research about the commercial spyware industry.