San Francisco, USA:
Facebook mother Meta announced on Thursday the closure of some 1,500 accounts linked to “cyber mercenary” companies accused of spying on activists, dissidents and journalists around the world on behalf of paying customers.
The Facebook and Instagram pages were linked to seven companies, with services reportedly ranging from boasting public information online to using fake personas to build trust with targets or digital snooping via hacking attacks.
Meta unveiled plans to warn about 50,000 people it says are being targeted by companies in more than 100 countries, including several based or founded in Israel, a leading player in the cybersurveillance industry.
“The surveillance-for-hire industry…looks like random targeting on behalf of the highest bidder,” Nathaniel Gleicher, Facebook’s chief security officer, told a news conference.
The leading social media network said it has removed accounts linked to Cobwebs Technologies, Cognyte, Black Cube and Bluehawk CI — all of which were based or founded in Israel.
India-based BellTroX, North Macedonian company Cytrox and an unidentified entity in China have also removed accounts associated with them from Meta platforms.
“These cyber mercenaries often claim that their services only target criminals and terrorists,” according to a Meta statement.
“Targeting is in fact arbitrary and includes journalists, dissidents, critics of authoritarian regimes, families of opposition members and human rights activists,” it added.
Unnamed Chinese operation
Companies that sell ‘web intelligence services’ start the surveillance process by collecting information from publicly available online sources such as news reports and Wikipedia.
Cyber mercenaries then set up fake accounts on social media sites to extract information from people’s profiles and even join groups or conversations to learn more, Meta researchers said.
Another tactic is to gain a target’s trust in a social network and then trick the person into clicking on a booby trap link or file that installs software that can then steal information from any device they use to get online. .
With that kind of access, the mercenary can steal data from a target’s phone or computer, including passwords, photos, videos and messages, and quietly activate microphones, cameras and geolocation tracking, according to the Meta team.
Bluehawk, one of the targeted companies, sells a wide variety of surveillance activities, including managing fake accounts to install malicious code, the Meta report said.
Some of the fake accounts linked to Bluehawk impersonated journalists from media outlets such as Fox News in the United States and La Stampa in Italy, according to Meta.
While Meta was unable to determine who was running the unnamed Chinese operation, it traced “command and control” from the surveillance tool involved to servers that appeared to be used by law enforcement officers in China.
“In some cases, we found that this group’s malware framework was deployed together with facial recognition software developed by a Beijing-based company,” the Meta report said.
(Except for the headline, this story has not been edited by DailyExpertNews staff and has been published from a syndicated feed.)