Google’s Threat Analysis Group (TAG) said on Wednesday that its researchers discovered commercial spyware called Heliconia that’s designed to exploit vulnerabilities in Chrome and Firefox browsers as well as Microsoft Defender security software.
Google’s researchers said they became aware of the framework after an anonymous Chrome bug report that included instructions and source code with the names “Heliconia Noise,” “Heliconia Soft” and “Files.”
Their analysis of the bug submissions showed that they contained tools for delivering exploit code and included references to a possible developer of the frameworks, Variston IT, a security firm based in Barcelona, Spain. Variston IT did not immediately respond to a request for comment.
Read more about this at theregister.com