Israel‘s offensive cyber industry accounts for a wide variety of surveillance and espionage technologies. A number of these are tools sold to policing bodies which reveal the geographic location of a target. There are also more advanced technologies, sold to law enforcement and intelligence bodies, which allow clients to hack into computers, mobile phones and encrypted messaging apps, extracting all information stored on a device and secretly turning on its microphone and camera to create a tool which spies on its owner.
Archiv: Citizen Lab (organization)
After NSO Group, warning issued against second Israeli spyware firm
(October 4, 2021)
The July report by Citizen‘s Lab and Microsoft found that Candiru had been used to spy on more than 100 human rights activists, regime opponents, journalists and scholars from countries such as Iran, Lebanon, Yemen, UK, Turkey and even Israel.
Revelations about Candiru make it the first time that fingers were being pointed at a second Israeli cyber-surveillance company, which is considered a competitor of the NSO Group. The notorious Israeli firm sparked a global scandal in July following the discovery that as many as 50,000 phones were targeted by its Pegasus spyware.
Cellphone Hacking and Millions in Gulf Deals: Inner Workings of Top Secret Israeli Cyberattack Firm Revealed
(Sep. 7, 2020)
NSO’s specialty is hacking smartphones. Up till now, little was known about Candiru. TheMarker has revealed that the firm offers hacking tools used to break into computers and servers, and now, for the first time, has confirmed it also has technology for breaking into mobile devices.
Meet Candiru — The Mysterious Mercenaries Hacking Apple And Microsoft PCs For Profit
(Oct 3, 2019)
Israel is home to scores of hacker-for-hire businesses, but one of the most clandestine has been Candiru. With no website and few records available, it’s operated largely under the radar.
But now a researcher is claiming the elite Tel Aviv-based firm sold cyber weapons to the government of Uzbekistan, while industry sources tell Forbes the company is hacking both Microsoft Windows and Apple Macs for various nation states.
Advanced Spyware From Israel‘s Candiru Discovered on Russian, Turkish, Palestinian Computers
Spyware made by the Tel Aviv-based hacking tool company Candiru has been found on several computers in Europe and the Middle East, the cybersecurity company ESET reported.
In their September report, ESET wrote that according to research published by Citizen Lab and the Microsoft Threat Intelligence Center in July about Candiru‘s DevilsTongue malware, it is „sold to third parties, which can abuse it to spy on various victims, including human rights defenders, dissidents, journalists, activists and politicians.“
‚Israeli spyware firm linked to fake Black Lives Matter, Amnesty websites‘
Using Internet scanning, a team of researchers from the University of Toronto‘s Citizen Lab and tech giant Microsoft identified more than 750 websites linked to Candiru‘s spyware infrastructure.
„We found many domains masquerading as advocacy organisations such as Amnesty International, the Black Lives Matter movement, as well as media companies and other civil-society themed entities,“ researcher Bill Marczak said in a statement.
Fighting cyberweapons built by private businesses
(15.07.2021)
We believe Sourgum is an Israel-based private sector offensive actor or PSOA. Citizen Lab has identified the group as a company called Candiru. Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure and internet-connected devices. These agencies then choose who to target and run the actual operations themselves.
Microsoft says Israeli group sold tools to hack Windows
(15.07.2021)
The hacking tool vendor, named Candiru, created and sold a software exploit that can penetrate Windows, one of many intelligence products sold by a secretive industry that finds flaws in common software platforms for their clients, said a report by Citizen Lab.
Technical analysis by security researchers details how Candiru‘s hacking tool spread around the globe to numerous unnamed customers, where it was then used to target various civil society organizations, including a Saudi dissident group and a left-leaning Indonesian news outlet, the reports by Citizen Lab and Microsoft show.