{"id":29260,"date":"2019-09-23T16:54:39","date_gmt":"2019-09-23T16:54:39","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/30522\/How-Google-Changed-The-Secretive-Market-For-The-Most-Dangerous-Hacks-In-The-World.html"},"modified":"2019-09-23T16:54:39","modified_gmt":"2019-09-23T16:54:39","slug":"how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/","title":{"rendered":"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World"},"content":{"rendered":"
<\/div>\n

Between 2016 and 2018, Ian Beer found more than 30 vulnerabilities in the iPhone\u2019s operating system. These bugs were worth millions of dollars on the open market<\/a>.<\/p>\n

Beer\u2019s ultimate goal is to make the iPhone even more secure, but he doesn’t work at Apple. He’s a hacker for Google\u2019s Project Zero, an elite hacking team focused on finding bugs in popular software and products made by companies like Apple, Microsoft, and by Google itself.<\/p>\n

In between hunting bugs, Beer has also released a tool<\/a> to help other researchers jailbreak the iPhone in order to find bugs in iOS, and taunted Apple during a talk at a security conference<\/a> where he asked the company to donate his would-be rewards to a charity.<\/p>\n

\u201cI’d love to get a chance to sit down with you and discuss how together we can make iOS even more secure for all our users. Cheers,\u201d Beer wrote<\/a> in a tweet directed at Apple\u2019s CEO Tim Cook at the time. (Apple has tried to hire Beer, according to two sources with knowledge, but for now he remains at Google.)<\/p>\n

In other words, Beer wants to avoid precisely the scenario he laid out in a bombshell analysis he published at the end of August, where he detailed a shocking years-long campaign to hack iPhones in China<\/a>.<\/p>\n

\u201cThe reality remains that security protections will never eliminate the risk of attack if you’re being targeted,\u201d Beer, who used to work at GCHQ, the UK\u2019s intelligence agency, wrote in a blog post<\/a>. \u201cTo be targeted might mean simply being born in a certain geographic region or being part of a certain ethnic group. All that users can do is be conscious of the fact that mass exploitation still exists and behave accordingly; treating their mobile devices as both integral to their modern lives, yet also as devices which when compromised, can upload their every action into a database to potentially be used against them.\u201d<\/p>\n

The researcher did not name them, but that \u201ccertain ethnic group\u201d was later revealed to be the persecuted Uyghur minority<\/a> in China\u2019s province of Xinjiang. Apple confirmed news<\/a> reports<\/a> that the Uyghurs where the targets of the campaign in a statement<\/a> that challenged some details of Google\u2019s report.<\/p>\n

This latest research has earned Google headlines all over the world, but Beer is only one of a team full of a team of superstar hackers, which include Natalie Silvanovich<\/a>, Tavis Ormandy<\/a>, and Jung Hoon Lee<\/a>, the 25-year-old who was once dubbed one of the world\u2019s best hackers<\/a> by the The Register. Ever since Project Zero was announced in 2014<\/a>, these hackers have taken apart software used by millions of people\u2014and predominantly written by other company\u2019s engineers\u2014with a mission to \u201cmake zero-day hard.\u201d<\/p>\n

Do you work at Google, Apple, or in the security team of another tech giant? Are you a vulnerability researcher? If you have any tips about vulnerabilities and exploits, and the market for them, using a non-work phone or computer, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com.<\/em><\/strong><\/p>\n

Zero-days are vulnerabilities or bugs in software that are unknown to the software maker, meaning they haven\u2019t been patched yet. Hence their name: the company has been aware of the issue, and able to knowingly fix the bugs, for zero-days. As well as vulnerabilities, the term zero-days can be used to refer to exploits, which are techniques and code used to take advantage of those bugs.<\/p>\n

In five years, Project Zero researchers have helped find and fix more than 1,500 vulnerabilities in some of the world\u2019s most popular software, according Project Zero\u2019s own tally. In Apple products, Beer and his colleagues have found more than 300 bugs<\/a>; in Microsoft\u2019s products they found more than 500<\/a>; in Adobe’s Flash<\/a>, they found more than 200. Project Zero has also found critical issues in CloudFlare<\/a>, several antivirus apps<\/a>, and chat apps<\/a> such as WhatsApp and FaceTime. A Project Zero researcher was also part of the group who found the infamous Spectre and Meltdown flaws<\/a> in Intel chips.<\/p>\n

These numbers show Project Zero has had a massive impact on the security of devices, operating systems, and applications used by millions of people every day.<\/p>\n

For Google, these disclosures give the internet giant good publicity by showing how much the company cares for the security of not just its users\u2014but everyone else too. In assembling one of the most elite hacking teams on the planet, Google is messaging to its customers that it takes security very seriously. Along the way, Google has given itself an excuse to probe its competitors products and software, doubtlessly learning from others’ security mistakes. Project Zero has been able to poke holes in the bulletproof mystique of the iPhone’s security, which is widely believed to be the hardest consumer device to hack. In doing so, Google is able to insert itself into conversations it might not otherwise be a part of.<\/p>\n

Regardless of Project Zero’s true mission, there\u2019s no doubt that the team has had a profound influence on the cybersecurity industry in the last five years.<\/p>\n

\u201cWithout this level of technical detail in the public eye, defenders don’t stand a chance.\u201d<\/p>\n

For one, Project Zero has normalized something that years ago was more controversial: a strict 90-day deadline for companies that receive its bug reports to patch the vulnerabilities. If they don’t patch in that time frame, Google drops the bugs itself. Microsoft, in particular, was not a fan of this policy at the beginning<\/a>. Today, most companies that interact with Project Zero respect that 90-day deadline as an industry standard, a tidal change in the always controversial debate on the so-called \u201cresponsible disclosure\u201d\u2014the idea that security researchers who find vulnerabilities should first disclose them to the affected company, so that it can fix them before the bugs are exploited by hackers. According to its own tally, around 95 percent of bugs reported by Project Zero get patched within that deadline.<\/p>\n

\u201cPeople looked at the way the wind was blowing and then decided that\u2014maybe just maybe\u2014 instead of creating a fuss, creating a fix within 90 days was just easier,\u201d said Chris Evans, Project Zero\u2019s original team leader.<\/p>\n

But perhaps no accolade is more significant than how much people on the other side of Project Zero\u2019s fence, whom Evans would call the \u201cinsecurity industry,\u201d hate the Google hackers. This \u201cinsecurity industry\u201d is made of companies like Azimuth Security<\/a> and NSO Group<\/a>, government contractors whose job is to find bugs and write exploits. But, instead of reporting the vulnerabilities to the companies who own the software, these companies sell them to governments who turn them into tools to hack and surveil targets.<\/p>\n

\u201cFuck those guys,\u201d said a researcher who works for a company that does offensive security, referring to Project Zero. \u201cThey don\u2019t make the world safer.\u201d<\/p>\n

The researcher, who spoke on condition of anonymity because they are not allowed to talk to the press, said that zero-day vulnerabilities are sometimes used to go after terrorists or dangerous criminals. So when Project Zero kills those bugs, it may be killing tools used by intelligence agencies to go after the bad guys, according to the researcher.<\/p>\n

In the end, however, Project Zero isn\u2019t really stopping the trade of exploits to governments. If anything, Project Zero is highlighting areas where hackers can find more bugs. According to the researcher, by finding and reporting high-quality bugs, Project Zero is driving up the cost of other bugs and exploits, as they become rarer and harder to find.<\/p>\n

\u201cThe price goes up and they\u2019re making us all rich,\u201d the researcher said. \u201cLife does get hard, we just charge more. Keep doing what you\u2019re doing, cause I\u2019m getting richer.\u201d<\/p>\n

Ben Hawkes, Project Zero\u2019s current team leader, thinks that being open about zero-days and detailing them in blog posts ultimately benefits users by pressuring companies to improve the security of their products, and show them what skilled hackers can do to hack them.<\/p>\n

\u201cWe want to help provide accurate understanding of how attacks work to a wider audience so that users, customers, can ask the right questions and ask for the right things from their vendors and suppliers,\u201d Hawkes said when we met in Las Vegas this summer.<\/p>\n

\u201cFuck those guys, they don\u2019t make the world safer.\u201d<\/p>\n

But some think Project Zero may actually be helping law enforcement and intelligence agencies learn from its research and help them develop what are known as N-day or 1-day exploits. These are hacks based on zero-days that have been disclosed\u2014hence their name\u2014but work until the user applies the patch. According to some critics, the ideas here is that malicious hackers could lift the code published by Google researchers as part of their reports and build on it to target users who have yet to update their software.<\/p>\n

Earlier this year in Las Vegas, during the Pwnie Awards ceremony, a mostly satirical affair that recognizes the best and worst hacks of the year, the founder of Azimuth Security Mark Dowd joked about this idea. When he was introducing one of the awards for which Project Zero was nominated, Dowd called the Google team \u201cNSO Group\u2019s commercial arm.\u201d<\/p>\n

There is no evidence that government hackers have taken the exploits published in Project Zero\u2019s research, and turned them into hacking tools. But\u2014at least in theory\u2014it could have happened, or could happen in the future.<\/p>\n

\u201cThere are a lot of ways in which attackers can try and create exploits for things that are known,\u201d Evans said. \u201cIt’s an age old problem of security disclosure, right? If you disclose something will the bad people turn around and use it?\u201d<\/p>\n

That shouldn\u2019t stop Project Zero, or others, from sharing detailed knowledge of bugs and exploits, according to Evans.<\/p>\n

\u201cLet’s be clear, this will happen. Eventually, some researcher, maybe Project Zero, maybe someone else, they’ll publish something, and some future harm will occur. But you know, they did the right thing by sharing what they found, so that we can all learn from it,\u201d Evans said. \u201cYou got to reserve your anger for the person that did the bad thing, not the security researcher who was just on the journey we’re all on to share things and learn together and grow together.\u201d<\/p>\n

Hawkes also agrees that there is a risk of something like this happening, but it\u2019s all a matter of keeping an eye on it.<\/p>\n

\u201cWe have to constantly monitor and assess to make sure that our disclosure policy results in more good than harm,\u201d Hawkes said.<\/p>\n

According to him, the reality is that the window of time to exploit users with an N-Day is shrinking on many platforms that have gotten better at forcing users to patch, such as iOS. Plus, Hawkes said, it\u2019s not that easy to turn one of Project Zero\u2019s bugs into reliable N-day exploits. It’s one thing to know there\u2019s a bug in software, another to turn it into malware that bad guys can use to hack users. (For example, the much hyped Windows vulnerability known as BlueKeep<\/a> was disclosed in May, and hackers have yet to turn it into an exploit that works seamlessly and can cause significant damage)<\/p>\n

\u201cThere’s actually a substantial amount of additional research and development that you have to perform to take a Project Zero report and turn it into something that is pragmatically useful as an attacker in the wild,\u201d Hawkes said. That\u2019s because in practice attackers need to chain several different exploits to hack a target, so Project Zero may give them information on one of those links in the chain, but then the attackers need to use that exploit with others.<\/p>\n

\u201cThe set of people that have that capability, that can perform that research and development. The theory is that they also have the capability to find the zero day themselves. […] That set of people appears to be very very small,\u201d he added.<\/p>\n

In other words, there aren\u2019t that many other teams outside of Project Zero and offensive-focused hacking teams who can find highly valuable bugs and write these kinds of exploit.<\/p>\n

That\u2019s what makes Project Zero almost unique. It\u2019s a team of extremely talented hackers who devote a lot of time and resources into finding bugs in the software of anyone they think it\u2019s an interesting target. This means that more often than not, highly paid Google hackers are looking at code written by other companies.<\/p>\n

\u201cI think we’ll look back on Project Zero as previous generations did on AT&T Bell Labs: such a concentration of brilliant minds allowed to direct their own research is a beautiful thing, for however long it lasts, even if not long for this world,\u201d said Katie Moussouris, a security researcher who launched the Microsoft Security Vulnerability Research<\/a> (MSVR) team in 2008. MSVR is a pioneering program that has very similar goals to those of Project Zero: namely to find, report, and help fix bugs in third-party software. But MSVR has always been a program more than a team. There are no dedicated full time researchers on MSVR, while there\u2019s around a dozen researchers working for Project Zero.<\/p>\n

Hawkes is convinced that the world needs more Project Zeros. With that goal in mind, he said him and his colleagues have started to talk to other companies about building a \u201ccoalition\u201d or Project Zeros across the industry, academia, and nonprofits.<\/p>\n

It\u2019s unclear what this coalition would look like, or who would be willing to be part of it.<\/p>\n

Eric Doerr, the person at Microsoft who manages MSVR, said that there are no plans to have researchers work on that program full time, at least for now. We also asked Facebook, Amazon, and Apple if they had any plans to follow Google\u2019s footsteps. Facebook declined to comment, while Apple and Amazon did not respond.<\/p>\n

Moussoris agreed with Hawkes that the world needs more security researchers who focus on hard to find bugs, and then tell the world how their attacks worked\u2014no matter who they work for and where the bugs are.<\/p>\n

\u201cWithout this level of technical detail in the public eye,\u201d she said, \u201cdefenders don’t stand a chance.\u201d<\/p>\n

Subscribe to our new cybersecurity podcast,<\/em><\/strong> CYBER<\/em><\/strong><\/a>.<\/em><\/strong><\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":29261,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[7851],"class_list":["post-29260","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerflawgooglezero-day"],"yoast_head":"\nHow Google Changed The Secretive Market For The Most Dangerous Hacks In The World 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-23T16:54:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world-1024x575.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"575\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World\",\"datePublished\":\"2019-09-23T16:54:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/\"},\"wordCount\":2433,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg\",\"keywords\":[\"headline,hacker,flaw,google,zero day\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/\",\"name\":\"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg\",\"datePublished\":\"2019-09-23T16:54:39+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg\",\"width\":7960,\"height\":4472},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,flaw,google,zero day\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerflawgooglezero-day\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/","og_locale":"en_US","og_type":"article","og_title":"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-09-23T16:54:39+00:00","og_image":[{"width":1024,"height":575,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world-1024x575.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"12 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World","datePublished":"2019-09-23T16:54:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/"},"wordCount":2433,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg","keywords":["headline,hacker,flaw,google,zero day"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/","url":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/","name":"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg","datePublished":"2019-09-23T16:54:39+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/09\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world.jpg","width":7960,"height":4472},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/how-google-changed-the-secretive-market-for-the-most-dangerous-hacks-in-the-world\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,flaw,google,zero day","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflawgooglezero-day\/"},{"@type":"ListItem","position":3,"name":"How Google Changed The Secretive Market For The Most Dangerous Hacks In The World"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/29260","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=29260"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/29260\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/29261"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=29260"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=29260"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=29260"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}