New research by Google’s Project Zero has recently discovered two exploit servers which were being used as watering hole attacks. The Project Zero report says “a highly sophisticated actor” who uses a complex targeting infrastructure is responsible for the attacks.
The Project Zero researchers said “they are well-engineered, complex code with a variety of novel exploitation methods, mature logging, sophisticated and calculated post-exploitation techniques, and high volumes of anti-analysis and targeting checks,” and that “we believe that teams of experts have designed and developed these exploit chains.”