Last Updated, Dec 16, 2021, 10:11 PM Technology
Facebook says 50,000 users were targeted by cyber mercenary firms in 2021
technology

[ad_1]

  • Cobwebs Technologies, an Israeli firm with offices and customers in the US, had 200 accounts shut down that were collecting information on targets and engaging in social engineering to reveal private information. The company is used by law enforcement, according to investigators, and it is also used to target activists, opposition politicians, and government officials in Mexico and Hong Kong. Cobwebs spokesperson Meital Levi Tal told MIT Technology Review that the company was unaware of Meta’s findings and that it “operates only according to the law and adheres to strict standards in respect of privacy protection.”
  • The Israeli firm Cognyte lost 100 accounts reportedly engaged in monitoring targets including journalists and politicians around the world.
  • Black Cube is an Israeli company associated with an immense list of scandals, including a history of spying on reporters. Facebook investigators say they found the firm gathering intelligence on a vast array of targets ranging from Palestinian activists to people in the medical and energy industries to academics, particularly inside Russia. Black Cube reportedly built fake personas including students, human rights workers, and film producers. Investigators say the company would typically befriend a person and then set up phone calls to obtain the target’s email address, with the likely goal of carrying out tactics like phishing attacks. When reached for comment, the company denied undertaking any hacking operations and insisted that all “agents’ activities are fully compliant with local laws.”
  • Another Israeli firm, Bluehawk CI, is already well known for posing as journalists and tricking targets into installing malware. Facebook said it removed 100 accounts linked to the firm that the company concluded were being used widely against targets including political opponents of the United Arab Emirates government and businessmen across the Middle East.
  • The Indian company BellTroX has been active for at least seven years in the surveillance industry. Facebook removed 400 accounts associated with the firm that investigators said were used to pose as politicians and journalists and to stage phishing attacks against victims including doctors, lawyers, activists, and members of the clergy in Angola, Argentina, Saudi Arabia, and Iceland.
  • The North Macedonian firm Cytrox is engaged primarily in hacking, investigators said. The company targeted journalists and politicians around the world. Cytrox is a part of an alliance of surveillance and intelligence firms known as Intellexa. Executives at another Intellexa firm, Nexa Technologies, were indicted earlier this year for their alleged role in spying on and torturing dissidents in Libya and Egypt.
  • Finally, an unidentified organization in China was linked to a vast surveillance operation that included the use of social engineering against targets and the development of malware to spy on minority groups in Xinjiang, China, as well as Myanmar and Hong Kong.

Facebook’s parent company, Meta, which sued the Israeli hacking company NSO Group in 2019, is sending cease-and-desist letters to each of the firms today as well as sharing alerts to the approximately 50,000 victims it’s identified. The alerts tell victims that “a sophisticated actor may be targeting your Facebook account” and then recommend steps to better secure their account, including running a privacy checkup.

The ultimate goal of the work, investigators said, is to prompt a bigger discussion about the surveillance-for-hire industry. They said they recommend strengthening transparency and “know your customer” laws, deepening industry collaboration to counteract surveillance firms, and increasing accountability through new legislation and export control laws.

The investigators added that not all of the firms’ work appears to contravene known laws and ethical standards—some of these companies are known to use Facebook and Instagram to carry out legitimate law enforcement and intelligence work. But both platforms have established channels for law enforcement to legally request data in a way that complies with due process and transparency.

“The targeting we’re seeing from these companies doesn’t look like that,” Gleicher said. “It’s indiscriminate targeting across society. These companies are designed to conceal who their clients are. If you’re a foreign government who wants to make it hard for defenders to find you, you hire a company like this to create a layer of obfuscation between you and the harm that occurs.”

Beyond the cease-and-desist letters and widespread removal of accounts, Gleicher did not rule out future lawsuits against any of the offending firms. Still, investigators said ferreting out for-hire surveillance activities is likely to be an ongoing challenge.

“When we see networks engage in this type of activity, we take a network approach,” said David Agranovich, director of threat disruption at Facebook. “We take down all of their activity on the platform at the same time. And knowing that they are adversarial networks, we will then work to keep them off of our platform.”

[ad_2]

Source