Creating new perspectives since 2009

After NSO Group, warning issued against second Israeli spyware firm

October 4, 2021 at 3:09 pm

This studio photographic illustration shows a smartphone with the website of Israel’s NSO Group which features ‘Pegasus’ spyware, on display in Paris on July 21, 2021 [JOEL SAGET/AFP via Getty Images]

Human rights defenders, dissidents, journalists, activists and politicians have been warned that a second advanced Israeli spyware has been found on computers in Europe and the Middle East that could be used to target them.

Details of the threat was issued by cybersecurity company ESET in its September “Threat Report.” It mentioned spyware developed by a company called Candiru which was described as a “murky Israeli mercenary spyware.”

Citing Citizens Lab’s July report and Microsoft Threat Intelligence Center, ESET raised concerns over a malware called  DevilsTongue sold to third parties which can abuse it to spy on various victims, including human rights defenders, dissidents, journalists, activists and politicians.

READ: Israel spyware scandal is similar to arms sales used to carry out genocides, analyst says

ESET researchers discovered indications of DevilsTongue malware affecting computers in the Middle East, Turkey, Russia and Albania. “The malware is highly targeted,” said ESET. “Each DevilsTongue victim we identified had a custom sample with PE resources unique to that victim.”

The July report by Citizen’s Lab and Microsoft found that Candiru had been used to spy on more than 100 human rights activists, regime opponents, journalists and scholars from countries such as Iran, Lebanon, Yemen, UK, Turkey and even Israel.

Revelations about Candiru make it the first time that fingers were being pointed at a second Israeli cyber-surveillance company, which is considered a competitor of the NSO Group. The notorious Israeli firm sparked a global scandal in July following the discovery that as many as 50,000 phones were targeted by its Pegasus spyware.

READ: French President’s phone number amongst list of NSO’s Pegasus targets 

Dubbed Israel’s “mercenary” spyware firm, users of Apple products, including mobile telephones, tablets and watches, were instructed to update their devices to protect against Pegasus.

Cybersecurity insiders said that there are over 32 such companies operating in the region which make the offensive cyber activity a big business in Israel. Trade analysts say that it leads to the generation of $2 billion sales a year.

“These companies increase the risk of weapons falling into the wrong hands and endangering human rights,” Microsoft said, making clear that it intends to continue to utilise a variety of measures in the fight against spyware and surveillance keys.