Israeli company helps Arab governments to spy on dissidents and opponents
A report by Microsoft in collaboration with experts from Citizen Lab at the University of Toronto. The Candiru company allegedly used activist websites to hack into the devices. At least 100 people were killed in the Occupied Palestinian Territories, Israel, Iran, Lebanon, Yemen, Turkey, Armenia and Singapore.
Tel Aviv (AsiaNews/Agencies) - An Israeli company has helped several governments around the world, including Arabs, to spy on and hack into the movements of activists, journalists, embassy employees, diplomats and opposition politicians.
A report issed by Microsoft reveals that the spyware was installed through bogus humanitarian web groups, including counterfeit Amnesty International and Black Lives Matter pages.
The discovery was made in a study by Citizen Lab experts at the University of Toronto, who worked with Microsoft to uncover the 'malicious' activities of Candiru, a Tel Aviv-based company specialising in the sale of 'untraceable' spyware. According to the report, the technology made it possible to enter Microsoft Windows, infecting and monitoring the activities of owners of computers and mobile phones.
Scouring the network, Citizen Lab reportedly identified more than 750 sites linked to Candiru's spyware infrastructure. "We found many domains masquerading as advocacy organizations, as well as media companies, and other civil-society themed entities," the group said. Bill Marczak, co-author of the report, told the Guardian that the sources often appeared to be trustworthy, but once penetrated, the spyware would execute "background code" to "quietly hijack" the "control of the computers" of those affected.
The code, adds the expert, guaranteed 'constant access' to the computer or smartphone, allowing governments to steal passwords, documents, and turn on microphones or cameras of the people being spied on. And the victims around the world, he concludes, 'were not aware of anything'. The programme was able to infect iPhones, Android devices, Macs, PCs, iPads and cloud accounts and was used to target various organisations and individuals, including a Saudi dissident group and a left-wing Indonesian newspaper.
Microsoft speaks of at least 100 victims in the Occupied Palestinian Territories, Israel, Iran, Lebanon, Yemen, Turkey, Armenia and Singapore. "Candiru's growing presence and use of its surveillance technology on global civil society is a reminder," says Citizen Lab, "that the mercenary spyware industry is comprised of many actors and subject to widespread abuse."
In the two years since it was founded, Candiru has reportedly turned over nearly million. Its clients are located in Europe, the former Soviet Union, the Persian Gulf, Asia, and Latin America. Among the countries that use Candiru are several Middle Eastern countries, including Saudi Arabia, the United Arab Emirates (UAE) and Qatar.
Several Israeli companies, whose founders come from the intelligence and defence sectors, have developed technologies to hack and spy on mobile phones or computers.
In June, Quadream, another Tel Aviv-based company, was accused of selling a programme called Reign to Saudi authorities, which is capable of stealing data from phones and using them as tracking devices, without using covert links to enter the devices. The spyware Pegasus, developed by Israel's largest surveillance company NSO Group, also uses zero-click technology and was sold to Saudi Arabia, among others.