In a chilling demonstration of how quickly advanced spyware can weaponise a single browser flaw, researchers have confirmed that a previously unknown zero-day vulnerability in Google Chrome was actively exploited in targeted espionage attacks — and that the operation appears tied to a resurfaced surveillance-tool vendor based in Italy.
The Flaw and Its Exploitation
The vulnerability, officially tracked as CVE-2025-2783, is described in the U.S. National Vulnerability Database as an “incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to version 134.0.6998.177” — allowing a remote attacker to perform a sandbox escape via a malicious file. In plain terms: Chrome’s built-in sandboxing mechanism, designed to isolate web content and limit what malicious code can do, was bypassed by the attackers — giving them a foothold deep inside the browser, and ultimately the host system.
According to multiple vendor advisories, the exploit was being used in the wild. Google issued a patch for the flaw in March 2025, but the window of exploitation may have been significantly wider.
A Refined Espionage Campaign
Security firm Kaspersky (GReAT team) has attributed the campaign exploiting CVE-2025-2783 to an operation they call Operation ForumTroll — one which targeted organisations in Russia and Belarus and used highly-tailored phishing lures and browser-based drive-by compromises.
Victims received impeccably crafted emails, often mimicking invitations to the “Primakov Readings” forum (a real or plausible high-level conference) and were lured to malicious web pages. In some cases, merely visiting the link in Chrome was enough to trigger the exploit — the user did not have to download or click additional payloads beyond the initial link.
The campaign reportedly used a validator script to confirm that the visitor was using a real browser (thus thwarting sandbox or network-scanner traps). Once validated, a cryptographic handshake (elliptic-curve Diffie-Hellman) decrypted the next-stage payload hidden in innocuous-looking files such as JavaScript bundles and fonts.
After the sandbox escape, the exploit chain reportedly hooked internal browser components (such as the V8 engine inspector and the IPCZ library) to relay handles across sandbox boundaries — ultimately suspending and hijacking the browser process to inject a persistent loader. That loader then used Windows registry and COM hijacking (by overwriting legitimate DLL entries such as twinapi.dll) to ensure malware execution in trusted processes like rdpclip.exe.
The payload delivered is identified as LeetAgent — a rare spyware variant known to perform keylogging, file exfiltration (particularly targeting documents, spreadsheets and PDFs), and process injection. Kaspersky links LeetAgent’s loader to code overlaps with a commercial espionage framework called Dante developed by Italian company Memento Labs (formerly known as Hacking Team).
Tracing the Spyware Supply Chain
Memento Labs, headquartered in Milan, is the successor to the once-notorious Hacking Team (which sold intrusion and surveillance tools to governments and law-enforcement until a data leak in 2015). The discovery of Dante in real-world campaigns is significant: although Dante was revealed publicly in 2023, this is the first documented mass exploitation deploying it via a browser zero-day.
Analysis indicates that LeetAgent dates back to at least 2022 and that the ForumTroll campaign may have used LeetAgent as a stepping-stone to Dante. One report quotes a researcher:
“In several incidents, the LeetAgent backdoor used in Operation ForumTroll directly launched the more sophisticated Dante spyware.” (The Hacker News)
This suggests a layered espionage infrastructure: use a covert browser exploit → deploy LeetAgent loader → transition to full-blown Dante implant.
Target Profile and Broader Implications
Victims include media outlets, universities, government agencies and financial institutions — a classic intelligence-gathering playbook rather than mass ransomware or extortion. Colleges and financial firms in Russia and Belarus were specifically flagged. The sophistication and selectivity indicate an APT-style operation rather than opportunistic cyber-crime.
What’s more, the use of a browser sandbox escape represents a particularly valuable tactic for threat actors: the browser is often the first line of defence, and bypassing the sandbox gives attackers a direct path into the operating system. Industry commentary emphasises this as “the most dangerous type of browser exploit” — because it elevates from mere web compromise to system compromise.
What Users & Organisations Should Do
For individual users and enterprise IT teams alike, the takeaway is clear: update immediately, audit for compromise, and treat browser links as endangered territory. Specifically:
- Ensure Chrome is updated to at least version 134.0.6998.177/.178 on Windows (the versions patched against CVE-2025-2783) or later.
- Consider enabling Enhanced Safe Browsing mode in Chrome to gain additional protections against malicious links and downloads.
- Monitor for IOCs (indicators of compromise) such as unknown local profiles, unexpected registry COM entries, Base64-named folders under %LocalAppData%, suspicious HTTPS traffic to C2 infrastructure (e.g., via Fastly or similar CDN networks), and anomalous processes hooked into browser contexts.
- For enterprises: review network email filters and phishing defences — the initial lure vector was personalised and highly credible. Inspect browser sandbox logs, COM registry persistence vectors, and endpoint telemetry for signs of browser-process hijacking.
- Consider isolating high-risk browsing environments (such as external links or email attachments) using browser-sandbox separation, virtual machines or dedicated sandboxing tools.
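Two of the indicators above, per-user COM overrides and Base64-named folders under %LocalAppData%, can be hunted with a short script. The following is an added example, not code from the original report or from any of the vendors cited; it assumes an elevated PowerShell 5.1+ session, and the trusted-root list and the Base64 name pattern are heuristics of this example, not published IOCs.

```powershell
# Added example (not from the original report): hunt for two of the
# indicators listed above on a Windows host. Assumes an elevated
# PowerShell 5.1+ session; trusted roots and the Base64 pattern are
# heuristics, so review hits rather than treating every one as malicious.

$trustedRoots = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | ForEach-Object { $_.ToLowerInvariant() }

function Test-TrustedPath([string]$Path) {
    # Strip surrounding quotes and any arguments, expand %VARS%, then compare prefixes.
    $clean = $Path -replace '^"([^"]+)".*$', '$1'
    $clean = [Environment]::ExpandEnvironmentVariables($clean).ToLowerInvariant()
    foreach ($root in $trustedRoots) { if ($clean.StartsWith($root)) { return $true } }
    return $false
}

# 1. COM hijacking check. HKCU\Software\Classes\CLSID is consulted before HKLM,
#    so a per-user InprocServer32 entry silently overrides the system DLL (the
#    twinapi.dll technique described above). Flag every per-user entry and any
#    entry whose DLL lives outside the trusted roots.
$comHits = foreach ($hive in 'HKCU:\Software\Classes\CLSID', 'HKLM:\Software\Classes\CLSID') {
    Get-ChildItem -Path $hive -ErrorAction SilentlyContinue | ForEach-Object {
        $key = Join-Path $_.PSPath 'InprocServer32'
        $dll = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).'(default)'
        if (-not $dll) { return }
        $reason = $null
        if ($hive -like 'HKCU*') { $reason = 'per-user override' }
        if (-not $reason -and -not (Test-TrustedPath $dll)) { $reason = 'DLL outside trusted roots' }
        if ($reason) {
            [pscustomobject]@{ Hive = $hive.Split(':')[0]; CLSID = $_.PSChildName; Dll = $dll; Reason = $reason }
        }
    }
}
Write-Host "== Suspicious COM InprocServer32 entries: $(@($comHits).Count) =="
$comHits | Format-Table -AutoSize

# 2. Base64-looking directory names directly under %LocalAppData%.
#    Requires 16+ Base64 characters with mixed case or digits; legitimate
#    folders there normally have short, readable names.
$dirHits = Get-ChildItem -Path $env:LOCALAPPDATA -Directory -ErrorAction SilentlyContinue |
    Where-Object { $_.Name -match '^[A-Za-z0-9+/]{16,}={0,2}$' -and
                   $_.Name -cmatch '[a-z]' -and $_.Name -cmatch '[A-Z0-9]' }
Write-Host "== Base64-looking folders under ${env:LOCALAPPDATA}: $(@($dirHits).Count) =="
$dirHits | Select-Object FullName, CreationTime, LastWriteTime | Format-Table -AutoSize
```

Hits from the HKLM pass are expected for some third-party software installed outside Program Files; correlate the DLL path and timestamps with endpoint telemetry before escalating.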
Why This Matters
This incident underscores several broader concerns in cybersecurity:
- Browser zero-days remain extremely valuable. Even as organisations harden perimeters, the browser remains a ubiquitous access point. When attackers can escape browser sandboxes, the battlefield shifts to the operating system and network.
- Commercial spyware vendors are resurging. The connection between LeetAgent, Dante and Memento Labs suggests that commercial intrusion-ware is again being deployed in sophisticated espionage operations — raising questions about regulation, export controls and the role of third-party vendors in enabling nation-state-style hacking.
- The supply chain of espionage is layered and intertwined. Attackers are not just using leaks or commodity malware — they are combining zero-day exploitation, cryptographic validation logic, multi-stage loaders and custom persistence techniques to maintain stealth.
- Phishing remains the starting point. Despite all technical defences, the initial compromise often begins with a well-crafted email or link. The human factor still opens the door.
- Geopolitical focus is evolving. While Russia and Belarus are named in this campaign, the techniques and vendor infrastructure are global. Organisations worldwide must assume they are potential targets.
Looking Ahead
While the patch for Chrome is available and many users will update in the near-term, the attackers’ toolkit is unlikely to stop here. Security experts warn: handle-based IPC vulnerabilities — like the one in Chrome’s Mojo subsystem — may exist in other software. Analysts recommend that organisations assume “more zero-days” are around the corner and proactively invest in monitoring and rapid response capabilities.
Furthermore, the resurgence of a vendor tied to Hacking Team suggests a revival of the surveillance-tool economy. Policymakers and cybersecurity stakeholders will need to re-examine how commercial spyware is developed, sold and deployed — especially when it ends up being used in attacks on civil society, academic institutions and critical infrastructure.
In summary: this episode marks one of the most technically sophisticated browser-based espionage operations documented in recent years. For organisations and individuals alike, the message is urgent: update now, defend broadly, and assume you could be next.