Google Chrome zero-day exploited to send out spyware – here’s what we know
- Chrome Zero Day exploited to target Russian institutions using Dante spyware
- Dante, linked to Memento Labs, enables sandbox escape and file theft
- Commercial spyware often sold to regimes targeting dissidents and journalists
A high-severity Google Chrome vulnerability was exploited as a zero-day to target Russian media, government organizations, educational and financial institutions, experts said.
Cybersecurity researchers at Kaspersky Lab said they used commercial malware called Dante in what they called Operation ForumTroll in March 2025.
During the investigation, the team observed an 8.3/10 (high) “mishandling” vulnerability in the Chrome browser, allowing remote attackers to perform a sandbox exit via a malicious file, thereby stealing sensitive files from the underlying system.
Dante spyware
The malware used in this attack was later identified as Dante, a commercial spyware purportedly developed by a company called Memento Labs.
This company is the successor to Hacking Team, an Italian company that was acquired after itself suffering a cyberattack in 2015, when sensitive files were leaked to the public, revealing that Hacking Team was selling its tools to authoritarian regimes and various government institutions.
The company was acquired in 2019 by InTheCyberGroup, which used it as a foundation to create Memento Labs, which in 2023 reportedly presented Dante spyware at the ISS World Middle East and Africa conference.
Commercial spyware companies aren’t exactly a new thing, but they’re generally frowned upon.
Many present their services as helping against terrorism, cyberespionage and various clandestine activities, but in reality many sell their services to authoritarian regimes. These governments then use the malware to target political opponents, dissidents, journalists, foreign diplomats, and other similar figures.
Perhaps the best example is the Israeli group NSO, which was blacklisted by the United States in 2021 for developing and supplying spyware that foreign governments used to “maliciously target government officials, journalists, businessmen, activists, academics, and embassy employees,” which was deemed contrary to the national security and foreign policy interests of the UNITED STATES.
Via BeepComputer
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
The best antivirus for every budget
