Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Microsoft

Mysterious Israeli Spyware Vendor's Windows Zero-Days Caught in the Wild (vice.com) 27

Government hackers from several countries used spyware made by an Israeli company to target victims all over the world, according to new research by digital rights watchdog Citizen Lab and Microsoft. From a report: The spyware leveraged two unknown vulnerabilities -- also known as zero-day exploits -- in Windows. Citizen Lab, which is housed at the University of Toronto's Munk School, and Microsoft worked together on the research, and published reports detailing their findings on Thursday. The company said it detected hacking attempts on more than 100 victims including "politicians, human rights activists, journalists, academics, embassy workers, and political dissidents" in Palestine, Israel, Iran, Lebanon, Spain, UK, and other countries. Citizen Lab said it was able to identify and reach out to a victim who let its researchers analyze their computer and extract the malware.

"This was someone who was targeted for their political positions and political beliefs, rather than someone who was the target of a terrorism investigation or something like this," Bill Marczak, one of the researchers at Citizen Lab who worked on the investigations, told Motherboard in a phone call. Citizen Lab concluded that the malware and the zero-days were developed by Candiru, a mysterious Israel-based spyware vendor that offers âoehigh-end cyber intelligence platform dedicated to infiltrate PC computers, networks, mobile handsets," according to a document seen by Haaretz. Candiru was first outed by the Israeli newspaper in 2019, and has since gotten some attention from cybersecurity companies such as Kaspersky Lab. But, until now, no one had published an analysis of Candiru's malware, nor found someone targeted with its spyware.

This discussion has been archived. No new comments can be posted.

Mysterious Israeli Spyware Vendor's Windows Zero-Days Caught in the Wild

Comments Filter:
  • by Registered Coward v2 ( 447531 ) on Thursday July 15, 2021 @11:54AM (#61585261)
    I'm guessing they are tied to Israel's military given its level of sophistication in technology. I can see where Israel, as well as other governments would be interested in spying on those they deemed "dangerous." I would not be surprised if governments who are publicly Israel bought because , well, it's top quality and isn't going to be made public as well. It's like screwing that person who is great in bed but no one wants around and not telling anyone; you get a hole lot of benefits with no downside.
    • > It's like screwing that person who is great in bed but no one wants around and not telling anyone; you get a hole

      Indeed you do.

    • It's like screwing that person who is great in bed but no one wants around and not telling anyone; you get a hole lot of benefits with no downside.

      The term you're looking for is moped [youtube.com] -- "Mopeds are fun, but you don't want your buddies to see you riding one."

      Pam: And then he was like --
      Cheryl: You're a moped.
      Pam: How'd you know? And what's it mean, anyway?
      Cheryl: Mopeds are fun but you don't want your buddies to see you riding one.
      Pam: Oh... I thought he meant I was fuel efficient. Only had ten beers.
      Cheryl: Forties?
      Pam: No... yes. Hence the shandy!

      Ahh... Archer [wikipedia.org].

  • The company said it detected hacking attempts on more than 100 victims including "politicians, human rights activists, journalists, academics, embassy workers, and political dissidents" in Palestine, Israel, Iran, Lebanon, Spain, UK, and other countries.

    Does anyone here fit these descriptions? Run and hide, the enemy is coming for you.

    • by Anonymous Coward

      If you are of interest to state-level hackers, why are you using Windows?

  • Seriously doubt the Israelis would allow a valuable zero day to be used so indiscriminately if they actually spent the money to develop it. More than likely it is stolen from US "Intelligence."

  • a security company named after a parasitic fish mostly known for swimming into and lodging its spines in your urethra must be legitimate!

    also it would be nice to see some modest sanction of Israel for this bullshit, but we all know it's not going to happen...

  • Reason (Score:2, Insightful)

    by Dan East ( 318230 )

    "This was someone who was targeted for their political positions and political beliefs, rather than someone who was the target of a terrorism investigation or something like this," Bill Marczak, one of the researchers at Citizen Lab who worked on the investigations, told Motherboard in a phone call.

    How do they know what the person was being investigated for? Just saying, they don't have access to that person's tax information, business dealings, or other information relating to Israel and their travel abroad. I'm sure a pedophile would deny having child pornography if asked by some random 3rd party why some government may have been trying to access their computer. "Oh yeah, I bet that's just because I wired money to an organization labeled as terrorist by the UN. No biggie."

  • by peterww ( 6558522 ) on Thursday July 15, 2021 @12:19PM (#61585365)

    I feel like I've seen a dozen different articles about different companies in Israel building draconian spying tech for governments to use on its own citizens. It's always marketed to governments to spy on their own people. Maybe it's just that these are the only ones being reported? But it seems like a meme at this point: "Israeli start-up feeds weapons to governments to oppress political dissidents."

    What the hell is going on?

    • what's so unusual about it? it's a country with an extremely strong tech sector and, shall we say, selectively lax regulation thereof.

      it's like asking "why do all these fly-by-nights incorporate in Delaware? what are Delawarians hiding?", when it's obviously the near 0% tax rate.

      if there's an uptick now specifically, it might be interests trying to push Biden into a corner on the issue. this is purely speculative, but i wouldn't discount the possibility.

      • by peterww ( 6558522 ) on Thursday July 15, 2021 @01:26PM (#61585657)

        So is it just a coincidence they all seem to do, well, shady/immoral things? I don't see how "lack of regulation" led to this one country having a start-up scene full of weapons dealers? I'm sure there's an explanation but I can't see it. If I had to guess, I would say that they were given carte blanche by both their government and the USG as long as they don't target USG. But then it also doesn't explain whether their own country is totally cool with these businesses, or why so many of them would be starting (don't these business people have ethics?)

        • The explanation is pretty simple.
          Israel has mandatory military draft at age 18, those who are technically competent get drafted to intelligence units.
          They often have to sign up for a few years extra to complete a degree, or special training, but they know that when they complete their service they'll get priority placement in the private sector because of their experience.
          Most of them will end up at FANG companies or various start-ups, but some will apply the skills they learned in intelligence gathering fo

      • The only response Biden would possibly have to this is "Oh that's swell, I'll send Israel another billion dollars to buy it just in case it's not already linked to their military. I'll get on the phone to the boys at the NSA too, make sure we've already given them enough billions to buy all our spyware and such too."
    • Re: (Score:2, Interesting)

      by ewibble ( 1655195 )

      Its because certain media have a bias against Israel, while I have little doubt Israeli tech companies sell spyware to governments, but the phrasing puts Israel in a bad light. I am sure the that the USA and other western countries sell weapons to countries like Saudi Arabia but when they attack someone the headline never goes "US weapons used to attack x", its "Saudi Arabia attacks x". Also if you listen to Al Jazeera when they mention the East Jerusalem or Gaza Strip they will always say occupied in fron

No spitting on the Bus! Thank you, The Mgt.

Working...