Cybersecurity researchers from Kaspersky have discovered a new zero-day flaw in Chrome.
If successful, the attacker can leverage the Use-After-Free (UaF) condition, which essentially allows the attacker to execute almost any code.
The flaw was used in an event Kaspersky calls ‘Operation WizardOpium’. Apparently, it has some similarities with the Lazarus attack. It was discovered using Kaspersky’s automated threat detection systems and was named CVE-2019-13720.
We last heard from the Lazarus Group in March, when a global spearphishing campaign was discovered. Security firm McAfee said back then it found evidence linking Lazarus to the huge Operation Sharpshooter attack first detected last December,which uses sophisticated spearphishing emails disguised as job recruitment messages.
Google was notified of this new flaw’s existence and a patch was already been issued.
“The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” said Anton Ivanov, a security expert at Kaspersky.
Kaspersky products detect the exploit as PDM:Exploit.Win32.Generic.