Heimdal
article featured image

Contents:

Meta published a report on the 16th of December, named “Threat Report on the Surveillance-for-Hire Industry”, where it announced that it banned six alleged entities and a Chinese law enforcement supplier that provided services on surveillance-for-hire targeting 50 K people. The report comes as a result of a long investigation, emphasizing what measures were taken against these entities and what are the attack phases related to them Meta discovered.

Meta declared that:

The global surveillance-for-hire industry targets people across the internet to collect intelligence, manipulate them into revealing information and compromise their devices and accounts. While cyber mercenaries often claim that their services and surveillanceware are intended to focus on criminals and terrorists, our investigation found they in fact regularly targeted journalists, dissidents, critics of authoritarian regimes, families of opposition and human rights activists around the world. These companies are part of a sprawling industry that provides intrusive software tools and surveillance services indiscriminately to any customer — regardless of who they target or the human rights abuses they might enable.

Source

What Were the Seven Banned Entities?

The report stated that seven entities were banned along with providing some details about them.

Cobwebs Technologies

Meta informed that it removed 200 accounts under Cobwebs Technologies, which is an Israel-based company having offices across the US. According to the report, its platform facilitates reconnaissance activities on social media websites like Facebook, Twitter, Instagram, Whatsapp. Its actions seem to include data collection about their targets and it also makes use of social engineering techniques to determine targets disclose personal data.

Cognyte

Meta announced that it removed almost 100 Instagram and Facebook accounts related to Cognyte and its customers. This company is also Israel-based and was previously named WebintPro. As per the report, the company markets a platform that has the role of false accounts management on social media platforms like Facebook, Instagram, Twitter, YouTube, and VKontakte (VK). The purpose seems to be using social engineering tactics and performing people info collection.

Black Cube

300 accounts linked to this Israel-based company that engaged in operating false profiles were removed by Meta. Some impersonated NGO and human rights workers or graduate students or even producers of films and TV with the goal to set up calls, a means by which they could obtain the victims’ email addresses.

Bluehawk CI

The surveillance chain phases this Israel-based firm focused on were engagement, reconnaissance, and exploitation. Meta removed almost 100 Facebook accounts linked to this company.

Bluehawk sells a wide range of surveillance-for-hire activities that included social engineering, gathering of litigation-related intelligence about people, and managing fake accounts to trick them into installing malware. The individuals behind this firm showed persistence and continued to try to come back to our platform after we took down dozens of their accounts. These fake accounts posed as journalists working for existing media organizations like La Stampa in Italy and Fox News in the US to trick their targets into giving an on-camera interview.

Source

BellTroX

The fifth banned entity was this time an Indian enterprise that allegedly had European government officials as targets along with Bahamas gambling tycoons and also U.S. investors.

400 false accounts associated with this company were removed by Meta, accounts useful in actions like sending malicious links to victims, reconnaissance, and social engineering techniques. They posed as journalists or personalities from the media and had the goal of getting the targets’ email addresses.

Cytrox

This is a North Macedonian company that Meta connected to 300 false Instagram and Facebook accounts. Through the exploits this company develops and the surveillance tools it sells, its clients can engage in compromising iOS and Android devices

We believe Cytrox used to spoof legitimate news entities in the countries of their interest and mimic legitimate URL-shortening and social media services.

Source

“An unknown entity in China”

The seven entity indicates as Meta describes, “an unknown entity in China” linked to 100 K Facebook and Instagram accounts. It seems that its surveillance was developed for operating systems like Android, iOS, Windows, Linux, Mac OS X, and Solaris.

According to Threatpost publication, Meta said that among the surveillance victims there were critics of authoritarian regimes, opposition members families, journalists, dissidents, or activists of human rights.

Nathaniel Gleicher, the head of security policy from Meta, also declared in a press conference that this activity of the surveillance-for-hire industry “appears to be much broader than that and spread around the world.”

Richard Melik from Zimperium declared to the same publication that spyware is transforming into a rising issue for users of mobile phones and that vulnerabilities for exploitation are found much faster “than OEMs can patch” and, according to him, because of the base-level security, VIPS, governments, and enterprises aren’t able to prevent these privacy intrusions.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Andra Andrioaie

Security Enthusiast

linkedin icon

Hi! My name is Andra and I am a passionate writer interested in a variety of topics. I am curious about the cybersecurity world and what I want to achieve through what I write is to keep you curious too!

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE