Elain Brown Tech 04.22.2022 22:Apr PM EDT

Who are Behind Most of the Zero-Day Exploits in 2021?

Zero-Day exploits have significantly increased in numbers since 2021.

Google has published the Project Zero review for the year 2021. The results revealed a record number of zero-day exploits that have been labeled as "one of the most advanced attack methods" and have been demonstrated by some of the world's largest technology corporations.

Zero-Day exploits make a digital product vulnerable to cyberattacks in the form of bugs and different kinds of malicious malware. Zero-Day exploits are one of the most popular ways for threat actors to perform illegal acts towards a certain organization.

These Zero-Day vulnerabilities put systems and digital products at high risk due to their open nature to cyberattacks. What makes an exploit possible to breach is due to its nature of remaining undetected, which leaves systems, databases, and the like completely exposed to hackers.

A certain vulnerability can run and stay in the system for a long time unless a mitigation, also known as a patch or update, is released.

Zero-Day Exploit by Chinese Hackers

Zero-Day exploit attacks, as reported by Bleeping Computer, are largely done by threat groups from around the world to attack large companies.

As the report says, the most likely groups to take advantage of a zero-day flaw are China, Russia, and North Korea, but other groups could also take advantage of it. China tops the list for launching eight zero-day cyberattacks using detected vulnerabilities in large corporations.

An example of this is the notable case of Hafnium. Hafnium is a Chinese state-sponsored hacking group that exploited four zero-day vulnerabilities. One of which is the breach they did to Microsoft Exchange, Hafnium infiltrated servers and gained access to email communications of Western organizations.

They are then followed by Russia with two and North Korea with one.

Mandiant, a cybersecurity firm, has noticed an increase in the number of ransomware operatives who are exploiting zero-day vulnerabilities to breach networks and deploy their file-encrypting payloads.

According to the findings of the company, one out of every three malicious actors who exploited zero-day vulnerabilities was motivated by financial gain, a statistic that continues a growing trend from previous years.

In addition, most of them were linked to cyberespionage operations that were carried out by state-sponsored groups.

Zero-Day Vulnerabilities in 2021

Zero-Day Vulnerabilities in 2021 have increased dramatically as reported by Google's Project Zero team.

According to the end-of-year report for the team, there were 58 zero-day exploits discovered in 2021. That represents the highest number of digital exploits discovered since Project Zero was created in 2015, which was the previous record holder with a total of 28 digital exploits discovered.

In contrast, at the height of the pandemic, during which hackers increased their efforts on malicious cybercrime activity, Google's Project Zero team revealed 25 Zero-Day exploits in the year 2020.

However, in contrast, the increased number of Zero-Day exploits does not entirely mean an increase in cyberattacks. Google also clarified that the record-breaking 58 zero-day exploits that were made public were attributed to increased detection and disclosure of these zero-day vulnerabilities.

Google believes that the higher number of zero-day exploits discovered in 2021 is due to a more aggressive detection process, which has been aided by companies such as Apple, Microsoft, and Google.

In addition, the Project Zero team also credits the increased number of Zero-Day vulnerability reports to the disclosure of these flaws by security researchers.