Technology
Swarajya Staff
Sep 21, 2021, 09:54 AM | Updated 09:54 AM IST
Save & read from anywhere!
Bookmark stories for easy access on any device or the Swarajya app.
A report by Forbes suggests that India used an American company’s technology to exploit zero-day vulnerabilities in Microsoft Windows PCs being used by government and telecom entities of Pakistan and China.
According to the report, cyber espionage was carried out by the Indian government or one of its contractors between the period of June 2020 and April 2021.
The company, Exodus Intelligence, headquartered at Austin, Texas, specialises in zero-day exploits, and according to Kaspersky, it is a provider of a hacking tech known as “zero-day exploit broker”.
Zero day vulnerabilities are those vulnerabilities present in the software which is unknown to the developer. The company provides information on zero-day vulnerabilities and the software required to hack it, to the Five Eyes alliance (intelligence alliance comprising of USA, UK, Australia, New Zealand and Canada) or their allies.
Forbes reports that the main product of the firm is a news feed containing software vulnerabilities without the exploits required to hack into them. This news feed is similar to a Facebook news feed, marketed for defenders and is available for $250,000 per year.
The vulnerabilities reported in the news feed cover major operating systems including Android and Windows.
According to the report, the CEO and cofounder of Exodus Intelligence, Logan Brown after conducting an investigation accused India of making use of this news feed and picked Microsoft’s vulnerability which allowed deep access into Microsoft’s operating system.
Following this investigation, the company cut off India’s access to its news feed in April 2021. He worked with Microsoft to build a patch to fix the vulnerability.
Brown stated, “You can use it (news feed) offensively if you want, but not for spying over Pakistan and China.
After Kaspersky’s discovery of more leaks of Exodus’s code and usage of this code by hacking crew known as DarkHotel, believed to be sponsored by South Korea, Brown accused India of sharing the company’s intelligence as South Korea is not a customer of the company.
Exodus Intelligence is one among several American companies, part of the cybersecurity industry worth $130 billion globally.