Government hackers from several countries used spyware made by an Israeli company to target victims all over the world, according to new research by digital rights watchdog Citizen Lab and Microsoft. From a report: The spyware leveraged two unknown vulnerabilities — also known as zero-day exploits — in Windows. Citizen Lab, which is housed at the University of Toronto’s Munk School, and Microsoft worked together on the research, and published reports detailing their findings on Thursday. The company said it detected hacking attempts on more than 100 victims including “politicians, human rights activists, journalists, academics, embassy workers, and political dissidents” in Palestine, Israel, Iran, Lebanon, Spain, UK, and other countries. Citizen Lab said it was able to identify and reach out to a victim who let its researchers analyze their computer and extract the malware.
“This was someone who was targeted for their political positions and political beliefs, rather than someone who was the target of a terrorism investigation or something like this,” Bill Marczak, one of the researchers at Citizen Lab who worked on the investigations, told Motherboard in a phone call. Citizen Lab concluded that the malware and the zero-days were developed by Candiru, a mysterious Israel-based spyware vendor that offers âoehigh-end cyber intelligence platform dedicated to infiltrate PC computers, networks, mobile handsets,” according to a document seen by Haaretz. Candiru was first outed by the Israeli newspaper in 2019, and has since gotten some attention from cybersecurity companies such as Kaspersky Lab. But, until now, no one had published an analysis of Candiru’s malware, nor found someone targeted with its spyware.
Read more of this story at Slashdot.