Zero-Day Exploit

Introduction

What Is A Zero-Day Exploit?

A zero-day (also known as 0-day) is a software vulnerability that is unknown to, or not yet fixed by, the parties responsible for mitigating it, above all the vendor of the affected software. Until the vulnerability is patched, attackers can exploit it to harm users or to compromise their data, other computers, or a whole network.

Originally, the term “zero-day” referred to the number of days since a new piece of software had been released to the public, so “zero-day” software was software obtained before its official release. Today it describes a flaw the vendor has had zero days to fix. Once a fix is released, the likelihood of the exploit succeeding decreases as more users apply the patch over time.

Attack methods & vectors

To compromise user devices, attackers distribute their malware through a number of different attack vectors, including the following:

Web browsers: Because browsers such as Firefox and Chrome are so widely used, the browser has become a central part of everyday computing and therefore an attractive target for attackers.

If a vulnerability is discovered in a popular browser, websites can be set up to exploit it and compromise every user who visits the page, which has the potential to infect a very large number of devices.

Operating System Vulnerabilities: Vulnerabilities are also found in operating systems such as Microsoft Windows or macOS and can be used to infect devices. As with a web browser, a vulnerability in a popular platform is attractive to attackers because it has the potential to reach hundreds of thousands or even millions of machines.

An example affecting Windows computers was the SMB vulnerability targeted by the exploit code-named “EternalBlue”, which was used to spread the WannaCry ransomware strain in May 2017. WannaCry tore through many corporate networks, including high-profile institutions such as the NHS in the UK, and went on to hit Boeing in 2018. It is worth noting that by the time WannaCry appeared the flaw was no longer a zero-day: Microsoft had published a patch (MS17-010) two months earlier, and the worm spread through systems that had not yet applied it, which is the usual fate of a zero-day once it becomes public.

Software vulnerabilities: Much like browsers, popular software is a frequent target for attackers hunting for security vulnerabilities. Examples include a CMS such as WordPress, which is used to build a large share of websites, or a messaging application such as WhatsApp, which is used by millions of people.

Vulnerabilities in websites can be exploited to compromise the site itself and then infect unsuspecting visitors, which is why website security matters: keeping the CMS, its plugins and the underlying software updated and maintained mitigates the risk.

Protecting against these exploits

Zero-day attacks are frequently effective against supposedly “secure” networks and can go undetected even after they have been launched. There are nonetheless numerous techniques for limiting the effectiveness of zero-day memory corruption vulnerabilities such as buffer overflows, including stack canaries, address space layout randomization (ASLR) and non-executable memory (DEP/NX); these do not remove the bug, but they make a working exploit harder to build even when the flaw itself is unknown.
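As an added illustration of one of the mitigations just mentioned (example code written for this page, not code from the original page or from any vendor), the C program below models a stack frame as a fixed buffer followed by a guard value, the way a compiler's stack protector does. An unchecked copy that trusts the caller's input length runs past the buffer into the guard, which is exactly what a stack canary check catches at function return; a bounded copy rejects the oversized input before anything is written. The struct layout, the constant CANARY_VALUE and the sample inputs are constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Toy model of a stack frame: a fixed-size buffer followed by a guard
 * value (a "canary"). A real compiler (gcc/clang -fstack-protector)
 * places such a guard between local buffers and the saved return
 * address and aborts if it changes; this struct makes the layout
 * explicit so the effect can be observed and asserted on.
 * char[16] is followed directly by the 8-byte-aligned canary, so there
 * is no padding between them.
 */
struct frame {
    char     buf[16];
    uint64_t canary;
};

/* Constructed guard value for the demo; real canaries are random per process. */
#define CANARY_VALUE 0xdeadbeefcafef00dULL

/*
 * Unsafe copy: copies the whole NUL-terminated input and never compares
 * its length with sizeof buf, the classic strcpy-style bug. Bytes beyond
 * buf land on the canary, exactly the pattern a stack buffer overflow
 * produces. Returns 1 if the canary was clobbered, 0 if it survived, and
 * -1 if the input would not fit the whole frame (that guard only keeps the
 * demonstration itself inside the struct, so it stays defined behaviour).
 */
static int unsafe_copy_clobbers_canary(const char *in)
{
    struct frame f;
    size_t len = strlen(in);

    if (len > sizeof f)
        return -1;
    f.canary = CANARY_VALUE;
    memcpy((unsigned char *)&f, in, len);   /* bounded by len, not by sizeof f.buf */
    return f.canary == CANARY_VALUE ? 0 : 1;
}

/*
 * Hardened copy: rejects anything that does not fit in buf with room for
 * the terminating NUL, so the canary (and, on a real stack, the return
 * address) is never reached. Returns 0 on success, -1 when rejected.
 */
static int safe_copy(const char *in)
{
    struct frame f;
    size_t len = strlen(in);

    f.canary = CANARY_VALUE;
    if (len >= sizeof f.buf)
        return -1;
    memcpy(f.buf, in, len);
    f.buf[len] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed inputs: one that fits, one exactly at the limit, one too long. */
    const char *fits    = "hello";
    const char *exact   = "0123456789abcdef";        /* 16 bytes, no room for NUL */
    const char *too_big = "AAAAAAAAAAAAAAAAAAAA";    /* 20 bytes, 4 past the buffer */

    printf("unsafe  : fits -> %d, exact -> %d, too_big -> %d  (1 = canary clobbered)\n",
           unsafe_copy_clobbers_canary(fits),
           unsafe_copy_clobbers_canary(exact),
           unsafe_copy_clobbers_canary(too_big));
    printf("hardened: fits -> %d, exact -> %d, too_big -> %d  (-1 = rejected)\n",
           safe_copy(fits), safe_copy(exact), safe_copy(too_big));
    return 0;
}
```

A real stack protector uses a random guard chosen at process start and aborts the program rather than returning a status; ASLR and DEP/NX complement it by making an overwritten return address harder to aim and an injected payload non-executable. None of these fix the underlying bug, which is why they are mitigations rather than patches, and why a zero-day that bypasses them is so valuable to an attacker.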

It has been suggested that a complete solution, one that recognises every zero-day exploit in advance, may be out of reach, because it is algorithmically impossible to analyse arbitrary code and determine whether it is malicious in the general case.

Examples of Zero-day exploits

Over the years there have been many examples of zero-day exploits, including some used in high-profile cyber attacks covered by mainstream media.

Here are some examples of zero-days which became widespread and widely reported:

Stuxnet:

This was a computer worm that exploited several previously unknown Windows vulnerabilities and was used to penetrate the internal network of uranium enrichment operations in Iran.

Its origin has never been officially confirmed; however, according to media coverage it is believed to have been a state-sponsored operation with political motives. The worm was very sophisticated: it spread via USB devices, sought out very specific industrial control equipment (Siemens programmable logic controllers driving centrifuges) and then altered the speed of that hardware in order to damage it.

Pegasus Spyware:

Pegasus is a sophisticated spyware suite capable of compromising smartphones and capturing phone calls, messages, location and other data held on the device.

It is developed by a company called NSO Group, which sells the software to governments around the world, and it has been reported to leverage previously unknown vulnerabilities in applications and in mobile operating systems such as Android and iOS, including “zero-click” exploits that require no interaction from the victim.

Conclusion

We hope you found this page helpful. If so, be sure to share it on social media or consider following our profiles to keep up to date with the new content we share.

Also be sure to check out our blog, videos and business services for more.

Other relevant pages from our technology glossary:

SSL/TLS

DDoS (Distributed Denial Of Service)

Phishing

Trojan Horse

Documents & Resources Cited:

“Zero-day (computing)”. Wikipedia, 28 Feb. 2008, en.wikipedia.org/wiki/Zero-day_(computing). Accessed 28 July 2021.

Cutler, S. (2021). “What is Pegasus spyware and how does it hack phones?” The Guardian, www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones. Accessed 28 July 2021.