[ad_1]
An Israeli cyber warfare group armed vulnerabilities in Microsoft and Google products, allowing governments to hack into more than 100 journalists, activists and political dissidents around the world. new research has found.
The relatively unknown player, marketed as Candiru, is part of a lucrative Israeli offensive cyber industry that often recruits veterans of elite army units and sells software that allows its customers to hack computers and mobile phones remotely. .
Companies such as Candiru and the main player in this opaque industry, the NSO group, which was valued at $ 1 billion in a 2019 transaction, said its software is designed to be used by government and police agencies to frustrate terrorism and crime.
But the UN, the University of Toronto’s Citizen Lab, and rights groups like Amnesty International have regularly tracked spyware down the phones and computers of journalists, political dissidents, and activists critical of repressive regimes.
Emails sent to various addresses listed for Candiru executives who wanted to comment responded or went unanswered.
In this case, Microsoft and Citizen Lab found that Candiru was selling a spyware tool that exploited Microsoft Windows flaws, allowing those who deployed it to steal passwords, export files, and messages from devices, including the Signal Encryption messaging application. , and send emails and social media accounts.
The report said its analysis found that Candiru’s systems, which are sold exclusively to governments, had been “operated from Saudi Arabia, Israel, the United Arab Emirates, Hungary and Indonesia, among other countries.”
Candiru’s spyware targeted at least 100 members of civil society, including politicians, human rights activists, journalists, academics, embassy workers and political dissidents, according to the report, in places like the UK, Spain , Singapore and Israel and the Occupied Palestinian Territories.
Investigators also found more than 750 fake websites posing as groups, including Amnesty International, the Black Lives Matter movement and the Russian postal service that had been linked to its spyware.
“Candiru has tried to stay in the shadows since its founding,” said Bill Marczak, a senior member of the Citizen Lab. “But there is no room for shadow for companies to facilitate authoritarianism by selling used spyware against journalists, activists and civil society.”
Microsoft he said in a blog post who had released a “software update” this week that will protect Windows clients from exploits [the company] used to provide their malware “
Separately, the Citizen Lab report found two Google Chrome vulnerabilities revealed by the Silicon Valley company on Wednesday had been exploited by Candiru. Although Google did not explicitly link the exploits to Candiru, it attributed them to a “commercial surveillance company.”
The report highlights a strong focus on the growing mercenary spyware industry, which is increasingly provoking outrage from Big Tech platforms, whose software can be armed. Candiru’s largest rival NSO group is currently facing a WhatsApp lawsuit, backed by other tech groups, for allegedly selling tools that allowed customers to surreptitiously inject their software into phones via WhatsApp calls.
In a 2019 Candiru marketing document, seen by the Financial Times, the group promoted its “superpower cyber intelligence system,” saying that the installation and exfiltration processes are secret and covert, uninterrupted in the regular activity of the target “.
He added that “proprietary stealth agents are silently deployed to the target device, using our developed set of attack vectors and zero-day vulnerabilities,” suggesting that the Microsoft Windows flaw is just one of those that has exploiting state.
Google said in its message this week that there were “more commercial sellers selling access in 0 days than in early 2010.”
Cristin Goodwin, CEO of Microsoft’s Digital Security Unit, said: “A world where private sector companies manufacture and sell cyber weapons is more dangerous for consumers, businesses of all sizes and governments.”
[ad_2]
Source link