The US Commerce Department has added Israeli NSO and Candiru to its list of entities for engaging in acts that are inconsistent with the US’s national security or foreign policy interests, the department said in a statement on Wednesday.
About a month ago human rights journalists, activists, and elected officials have been warned that second sophisticated spyware has been discovered on computers in Europe and the Middle East that might be used to target them.
Cybersecurity company, ESET, said they see the attack in its September “Threat Report,” mentioning a “murky Israeli mercenary spyware”, developed by Candiru spyware dubbed DevilsTongue.
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at firstname.lastname@example.org.
ESET expressed worry about the malware being sold to third parties that can use it to spy on a variety of victims, including human rights defenders, dissidents, journalists, activists, and politicians, citing Citizens Lab’s July report and the Microsoft Threat Intelligence Center.
DevilsTongue malware was detected on computers in Turkey, Russia, Albania, and the Middle East, according to ESET experts.
According to Israeli media, Tel Aviv-based Candiru, is the second-largest in Israel in its field. Founded in 2014 by Yitzhak Zack, Candiru employs 120 cyber warfare experts from the IDF’s 8200 unit. It’s annual sales turnover $30 million. It sells its services to Saudi Arabia and Mexico, among others.
“The malware is extremely targeted,” ESET stated. “Each DevilsTongue victim that we identified had a bespoke sample with PE materials that were exclusive to that victim.”
Citizen’s Lab and Microsoft discovered in July that Candiru had been used to spy on over 100 human rights activists, regime opponents, journalists, and scholars from Iran, Lebanon, Yemen, the United Kingdom, Turkey, and even Israel.
This was the first time that suspicions have been leveled against a second Israeli cyber-surveillance firm, Candiru, that is considered a competitor of the NSO Group.
The infamous Israeli NSO ignited a global scandal in July when it was discovered that its Pegasus spyware was targeting up to 50,000 phones.
Pegasus, dubbed Israel’s “mercenary” spyware, has encouraged users of Apple products, including mobile phones, tablets, and watches, to update their gadgets in order to safeguard against it.
According to cybersecurity insiders, there are over 32 such firms working in the region, making offensive cyber activity a lucrative business in Israel. According to trade analysts, this results in annual sales of $2 billion.
“These companies increase the possibility of weapons slipping into the wrong hands and harming human rights,” Microsoft stated, emphasizing its commitment to continuing to fight spyware and surveillance keys through a variety of tactics.