[saagarjha]

That’s what Google is calling it, so I’m inclined to believe them.

[g___]

"In addition to targeting researchers with 0-day exploits, the threat actors also developed a standalone Windows tool that has the stated goal of 'download debugging symbols from Microsoft, Google, Mozilla and Citrix symbol servers for reverse engineers.'

The attackers used a 0-day but getsymbol is not one.

[saagarjha]

Yep, that’s what I said.

[edgyquant]

No it isn’t what you said at all. You said Google was calling malware a zero day and you believe them, but they aren’t doing this.

[saagarjha]

This is what I said:

> The 0-day is in a popular software package.

(I have no idea what this is.)

> The GitHub repo apparently contains a backdoor ability to execute code from the attacker.

(This is what Google says and I think it’s the autoupdater.)

Is this different than what you feel?