Spyware Vendor Variston Exploited Chrome, Firefox and Windows 0-days

In their detailed technical report, TAG explained that Variston IT had been using their exploitation framework called Heliconia to install spyware on the targeted devices. On 30th November, Google’s Threat Analysis Group (TAG) reported that a Barcelona-based company, actually a spyware vendor, named Variston IT has been exploiting n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender under the guise of a custom cybersecurity solutions provider. It is advised that users keep their Chrome and other software up-to-date with the security patches to ensure full protection against Heliconia.