A Barcelona-based company that bills itself as a custom security solutions provider exploited several zero-day vulnerabilities in Windows, and Chrome and Firefox browsers to plant spyware, say Google security researchers.
In research shared with TechCrunch ahead of publication on Wednesday, Google’s Threat Analysis Group (TAG) says it has linked Variston IT, which claims to offer tailor-made cybersecurity solutions, to an exploitation framework that enables spyware to be installed on targeted devices.
“Our team consists of some of the industry’s most experienced experts,” Variston IT’s website reads. “We are a young but fast-growing company.”
Google researchers became aware of the so-called “Heliconia” exploitation framework after receiving an anonymous submissi …
