Google has said it has corrected a vulnerability to the Chrome browser for Windows that malicious hackers have used to enter victims of victims.
To one short note On Tuesday, Google said it defined vulnerability, Watched as CVE-2025-2783discovered by Kaspersky security researchers earlier this month.
Google said it was aware of the reports that a holding of the “wildlife” error. The error is reported as a zero day, because the seller-in this case, Google-did not take time to correct the error before the exploitation.
According to Kaspersky, the error took advantage of a part of a hacking campaign aimed at the Windows computer computers running Chrome.
In a blog postKaspersky called on the “Operation Forumtroll” campaign, and said the victims were targeting an e -e -“fishing” e -mail that invited them to a Russian World Political Summit. When a link to e -mail was clicked, the victims were transferred to a malicious website that immediately exploits the error to access the victim’s PC data.
Is provided Kaspersky Few details About the error at the time of the Chrome Code, but said that the error allowed the attackers to bypass the protection of Chrome’s Sandbox, which limit browser access to other data on the user’s computer. Kaspersky said the error affects all other Google Chromium -based browsers.
In A separate analysisKaspersky said the error was probably used in a espionage campaign, usually designed to monitor and steal data from a target device, usually over a period of time. Russia -based security company said hackers had sent personalized e -“fishing” messages to representatives and officials of the Russian media in educational institutions.
It is not clear who took advantage of the error, but Kaspersky attributed the campaign to a possible state or government hackers.
Browsing programs such as Chrome are a common goal for malicious hackers and government backed teams. Zero day errors are capable of breaking their protections and can be sold at high prices in the sensitive device data of the victim. In 2024, a zero -day broker offers up to $ 3 million for exploitable errors that can be activated by the Internet.
Google said Chrome updates will be released in the coming days and weeks.
