Mysterious Israeli Spyware Vendor's Windows Zero-Days Caught in the Wild (vice.com)
Government hackers from several countries used spyware made by an Israeli company to target victims all over the world, according to new research by digital rights watchdog Citizen Lab and Microsoft. From a report: The spyware leveraged two unknown vulnerabilities -- also known as zero-day exploits -- in Windows. Citizen Lab, which is housed at the University of Toronto's Munk School, and Microsoft worked together on the research, and published reports detailing their findings on Thursday. The company said it detected hacking attempts on more than 100 victims including "politicians, human rights activists, journalists, academics, embassy workers, and political dissidents" in Palestine, Israel, Iran, Lebanon, Spain, UK, and other countries. Citizen Lab said it was able to identify and reach out to a victim who let its researchers analyze their computer and extract the malware.
"This was someone who was targeted for their political positions and political beliefs, rather than someone who was the target of a terrorism investigation or something like this," Bill Marczak, one of the researchers at Citizen Lab who worked on the investigations, told Motherboard in a phone call. Citizen Lab concluded that the malware and the zero-days were developed by Candiru, a mysterious Israel-based spyware vendor that offers "high-end cyber intelligence platform dedicated to infiltrate PC computers, networks, mobile handsets," according to a document seen by Haaretz. Candiru was first outed by the Israeli newspaper in 2019, and has since gotten some attention from cybersecurity companies such as Kaspersky Lab. But, until now, no one had published an analysis of Candiru's malware, nor found someone targeted with its spyware.
Who needs space lasers? (Score:3)
Re: (Score:3)
> It's like screwing that person who is great in bed but no one wants around and not telling anyone; you get a hole
Indeed you do.
Re: (Score:2)
> It's like screwing that person who is great in bed but no one wants around and not telling anyone; you get a hole lot of benefits with no downside.
The term you're looking for is moped [youtube.com] -- "Mopeds are fun, but you don't want your buddies to see you riding one."
Pam: And then he was like --
Cheryl: You're a moped.
Pam: How'd you know? And what's it mean, anyway?
Cheryl: Mopeds are fun but you don't want your buddies to see you riding one.
Pam: Oh... I thought he meant I was fuel efficient. Only had ten beers.
Cheryl: Forties?
Pam: No... yes. Hence the shandy!
Ahh... Archer [wikipedia.org].
We are all enemies. (Score:2)
> The company said it detected hacking attempts on more than 100 victims including "politicians, human rights activists, journalists, academics, embassy workers, and political dissidents" in Palestine, Israel, Iran, Lebanon, Spain, UK, and other countries.
Does anyone here fit these descriptions? Run and hide, the enemy is coming for you.
Re: (Score:1)
If you are of interest to state-level hackers, why are you using Windows?
Doubt (Score:1)
Seriously doubt the Israelis would allow a valuable zero day to be used so indiscriminately if they actually spent the money to develop it. More than likely it is stolen from US "Intelligence."
Re: (Score:2)
> if they actually spent the money to develop it.
I thought that zero-days were searched for and found, not developed.
Re: (Score:1)
Ok?
Re: (Score:2)
What's really, really funny is that I remember when it was the Reps who were always sure it's the evil Russkies.
Pretty much everyone with a clue (Score:3)
It's pretty much everyone with a clue. Anybody with any knowledge of cybersecurity knows that Russian hackers are hitting the US tens of thousands of times a day, because the cops aren't going to bust them for it. Their government is more likely to *reward* them for it.
Not everything is a political question in which Dems have to take one side and therefore republicans have to automatically say the opposite. 1+1=2. It doesn't matter who your favorite politiball team is, one plus one is in fact two.
Re: (Score:2)
But 1+1 MUST NOT be 2 if the other side of the political fence said it was! We have to find a reason why it ain't 2.
Ha! Base2! Now it's 10. FAKE NEWS, FAKE NEWS!
Re: (Score:2)
No, attacking the US is NOT an industry in Israel, because the government WOULD put someone in prison for that.
Re: (Score:2)
> What's really, really funny is that I remember when it was the Reps who were always sure it's the evil Russkies.
It's actually astonishing how quickly the two sides switched on that.
candiru lol (Score:2)
a security company named after a parasitic fish mostly known for swimming into and lodging its spines in your urethra must be legitimate!
also it would be nice to see some modest sanction of Israel for this bullshit, but we all know it's not going to happen...
Reason (Score:2, Insightful)
> "This was someone who was targeted for their political positions and political beliefs, rather than someone who was the target of a terrorism investigation or something like this," Bill Marczak, one of the researchers at Citizen Lab who worked on the investigations, told Motherboard in a phone call.
How do they know what the person was being investigated for? Just saying, they don't have access to that person's tax information, business dealings, or other information relating to Israel and their travel abroad. I'm sure a pedophile would deny having child pornography if asked by some random 3rd party why some government may have been trying to access their computer. "Oh yeah, I bet that's just because I wired money to an organization labeled as terrorist by the UN. No biggie."
In before "antisemitic" (Score:5, Interesting)
I feel like I've seen a dozen different articles about different companies in Israel building draconian spying tech for governments to use on its own citizens. It's always marketed to governments to spy on their own people. Maybe it's just that these are the only ones being reported? But it seems like a meme at this point: "Israeli start-up feeds weapons to governments to oppress political dissidents."
What the hell is going on?
Re: (Score:2)
what's so unusual about it? it's a country with an extremely strong tech sector and, shall we say, selectively lax regulation thereof.
it's like asking "why do all these fly-by-nights incorporate in Delaware? what are Delawarians hiding?", when it's obviously the near 0% tax rate.
if there's an uptick now specifically, it might be interests trying to push Biden into a corner on the issue. this is purely speculative, but i wouldn't discount the possibility.
Re:In before "antisemitic" (Score:5, Interesting)
So is it just a coincidence they all seem to do, well, shady/immoral things? I don't see how "lack of regulation" led to this one country having a start-up scene full of weapons dealers? I'm sure there's an explanation but I can't see it. If I had to guess, I would say that they were given carte blanche by both their government and the USG as long as they don't target USG. But then it also doesn't explain whether their own country is totally cool with these businesses, or why so many of them would be starting (don't these business people have ethics?)
Re: (Score:2)
The explanation is pretty simple.
Israel has mandatory military draft at age 18, those who are technically competent get drafted to intelligence units.
They often have to sign up for a few years extra to complete a degree, or special training, but they know that when they complete their service they'll get priority placement in the private sector because of their experience.
Most of them will end up at FANG companies or various start-ups, but some will apply the skills they learned in intelligence gathering fo
Re: (Score:2)
Re: (Score:2, Interesting)
It's because certain media have a bias against Israel, while I have little doubt Israeli tech companies sell spyware to governments, but the phrasing puts Israel in a bad light. I am sure that the USA and other western countries sell weapons to countries like Saudi Arabia but when they attack someone the headline never goes "US weapons used to attack x", it's "Saudi Arabia attacks x". Also if you listen to Al Jazeera when they mention the East Jerusalem or Gaza Strip they will always say occupied in fron