The Pegasus scandal that came to light last year has blown open the conversation around spyware tools offered by legitimate companies. As such, Meta investigated the prevalence of Pegasus-esque spyware across two of the biggest social media platforms it owns. The company discovered more to the surveillance-for-hire market than what meets the eye.
Pegasus is military-grade spyware used for digital surveillance of users on iOS and Android devices. NSO Group sells the Pegasus spyware to foreign governments that may enable them to eavesdrop on-device data (including messages and other forms of communication) of terrorists, dissidents, and other kinds of criminals.
However, the NSO Group has been in the limelight for all the wrong reasons since July 2021, when Amnesty International alleged through a reportOpens a new window that the high-tech spyware developed by the Israeli company was used to snoop on journalists, human rights lawyers and activists, businessmen, academics, politicians, etc., besides criminals by several governments and that the NSO Group enabled it.
It is no secret that private companies offering highly sophisticated tools to snoop in on individuals and organizations alike exist. Popularly called cyber mercenaries, such companies are hired to extract information, often secretive, to prevent crimes before they can happen. Cyber mercenaries often tread the fine line between being illegal and legal but ethically non-kosher to carry out such operations.
But the explosive revelations made last year spurred multiple investigations by organizations, one of which by Meta (formerly Facebook) revealed that the surveillance on the private sector is bigger than originally thought to be. Meta noted how the NSO Group is “only one piece of a much broader global cyber mercenary ecosystem.†As such, Meta identified 50,000 such users hailing from 100 countries, spied upon in 2021.
See More: Spyware: How They Impact Enterprises And How to Spot An Infection
Meta’s investigation also unearthed seven private companies engaged in unethical, sometimes “illicit†surveillance of users across two of its platforms, Facebook and Instagram. Trend Micro also came across Void Balaur in their investigation. These companies target people across the internet to collect intelligence, manipulate them into revealing information and compromise their devices and accounts.
“Cyber mercenaries often claim their services and their surveillanceware are meant to focus on tracking criminals and terrorists,†said Nathaniel Gleicher, head of security policy at Facebook. “But our investigation and similar investigations by independent researchers, our industry peers, and governments have demonstrated that the targeting is in fact indiscriminate.â€
This begs the question: who is the clientele of these surveillance-for-hire companies? Well, it’s a tightly kept secret considering it is a gray area. But it isn’t a stretch to assume that spying can prove to be detrimental to individual security and national security.
“The targeting of a single individual with both Pegasus and Predator [another spyware] underscores that the practice of hacking civil society transcends any specific mercenary spyware company,†noted researchers from Citizen Lab at the University of Toronto. “Instead, it is a pattern that we expect will persist as long as autocratic governments are able to obtain sophisticated hacking technology. Absent international and domestic regulations and safeguards, journalists, human rights defenders, and opposition groups will continue to be hacked into the foreseeable future.â€
What Meta was able to identify were 1,500 accounts on Facebook and Instagram linked to the seven companies, all of which (both accounts and companies) are now banned from respective platforms. These are:
|
Company Name |
Country of Origin | Accounts Removed from FB and Instagram | Has Customers In | Other PlatformsTargeted |
| Cobwebs Technologies | Israel | 200 | Bangladesh, Hong Kong, the United States, New Zealand, Mexico, Saudi Arabia, Poland |
WhatsApp, Twitter, Flickr, public websites and “dark web†sites |
|
Cognyte |
Israel | 100 | Israel, Serbia, Colombia, Kenya, Morocco, Mexico, Jordan, Thailand, and Indonesia | Twitter, YouTube, and VKontakte |
| Black Cube | Israel | 300 | Africa, Eastern Europe, South America, Palestine, Russia |
|
|
Bluehawk CI |
Israel | 100 | Middle East including UAE and Qatar, Argentina | – |
| BellTroX | India | 400 | Australia, Angola, Saudi Arabia, Iceland |
– |
|
Cytrox |
North Macedonia | 300 | Egypt, Armenia, Greece, Saudi Arabia, Oman, Colombia, Côte d’Ivoire, Vietnam, the Philippines, and Germany | – |
| Unknown Company | China | 100 | – |
Android, iOS, Windows, and also Linux, Mac OS X, Solaris |
See More: Top Tips to Protect Your Organization Against the Biggest Security Threats of 2022
The 50,000 users that Meta believes were targeted, notified with the following message:
Notifications to Surveillance-for-Hire Targets on Facebook, Instagram | Source: Meta
Previously, NSO Group has drawn criticism from Google, Microsoft, Cisco, and others. WhatsApp, a Meta company, has even sued NSO Group in 2019Opens a new window for allegedly sending malware to 1,400 of its users through WhatsApp servers for surveillance.
The U.S. Department of Commerce blacklisted the NSO Group and CandiruOpens a new window , another Israeli company, earlier in November 2021. The Dept of Commerce added the two companies, along with some others, to the Entity List, which bans them from purchasing software and related components without a license from U.S vendors.
The NSO Group is also facing the wrath of the most valuable company in the world, Apple, that prides itself on the privacy it offers to its customers. Apple sued the “amoral 21st century mercenary†in November 2021, seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices.
More recently, Asher Levy, the chairman of Israeli spyware company NSO Group this week, confirmed he is stepping down from his role. He denied this decision to be influenced by recent scrutiny, including allegations of the use of PegasusOpens a new window by Israeli police on Israeli citizens.
Let us know if you enjoyed reading this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!