50% increase: 0day vulnerabilities are being used by hackers more and more often

Google researchers have proposed a working strategy to reduce the level of malicious exploitation.

A recent report from Google's cyber experts found that the number of zero-day vulnerabilities exploited in attacks increased by 50% in 2023, reaching 97 cases compared to 62 in the previous year.

Zero-day vulnerabilities pose a serious security risk, as they allow attackers to break into networks and devices long before developers have time to detect and fix the flaw in their products.

Of the 97 zero-day vulnerabilities examined, the attackers' motives were identified in 58 cases. 48 hacking incidents were related to cybercriminals engaged in cyber espionage, while the remaining ten were related to financially motivated hacker groups.

The report highlights the particular activity of the FIN11 group, as well as four malware groups: Nokoyawa, Akira, LockBit and Magniber, which exploited vulnerabilities to conduct large-scale cyber attacks.

The report focuses on hacks involving Chinese hackers and the European group Winter Vivern, pointing to their growing sophistication in exploiting zero-day vulnerabilities.

The study also notes the increased interest of attackers in enterprise technologies, including security mechanisms and software, because such products provide extended access and a high level of privileges.

Researchers are most concerned about the role of commercial spyware vendors in exploiting such vulnerabilities: Google links 75% of known zero-day vulnerabilities directed against Google products and Android-based devices to the actions of such commercial companies.

The report also addresses browser security issues, highlighting vulnerabilities in third-party components that became a significant threat in 2023. For example, the same vulnerability, CVE-2023-41064, according to researchers, affected both Safari and Firefox, and even the Android operating system.

Google warns that the trend of increasing exploitation of zero-day vulnerabilities is likely to continue, given the increased investment of hackers in finding new vulnerabilities.

Experts also note that some measures to counter malicious exploitation, such as Google's MiraclePtr and Apple's Lockdown Mode, work quite well and actually prevent the use of many exploit chains.

"This demonstrates how vendors' investment in security can have a noticeable impact on making it harder for attackers to attack users using 0day vulnerabilities," the researchers concluded.