A recently patched Google Chrome vulnerability (CVE-2025-2783) was exploited to distribute espionage tools by Italian firm Memento Labs in attacks targeting organizations in Russia and Belarus. The campaign involved spear-phishing emails and the deployment of sophisticated malware such as LeetAgent and the Dante spyware, and is linked to known threat clusters such as Operation ForumTroll and TaxOff.
Key points
- The Chrome zero-day vulnerability was exploited in targeted spear-phishing campaigns aimed at Russian and Belarusian organizations.
- Memento Labs, known for surveillance tools and cyber exploits, was involved in disseminating malicious spyware via this attack.
- The spyware used includes LeetAgent, capable of executing commands, injecting shellcode, and harvesting files.
- The attack campaigns are linked to known clusters: Operation ForumTroll and TaxOff, sharing similar tradecraft and malware code.
- There is evidence suggesting wider usage of the Dante spyware in other cyber operations beyond the Chrome exploit.
Read More: https://thehackernews.com/2025/10/chrome-zero-day-exploited-to-deliver.html