Government-Backed Hackers Behind Most Zero-Day Exploits in 2024
Google's latest research reveals that government-backed hackers were responsible for the majority of attributed zero-day exploits in 2024. While the total number of zero-days decreased from 98 in 2023 to 75 in 2024, Google attributed at least 23 to government actors. Ten were directly linked to government hackers (five to China, five to North Korea), and eight originated from spyware makers like NSO Group, which primarily sell to governments. The remaining attributed zero-days were likely exploited by cybercriminals. Although spyware companies' zero-day production is slowing, Google notes that the industry will continue to thrive as long as government demand persists. Importantly, security features like iOS/macOS Lockdown Mode and Google Pixel's MTE are proving effective against these attacks, highlighting advancements in zero-day defense.