WGNO

Meta takes action against spyware companies targeting 50K individuals

MENLO PARK, CALIFORNIA - OCTOBER 28: A pedestrian walks in front of a new logo and the name 'Meta' on the sign in front of Facebook headquarters on October 28, 2021 in Menlo Park, California. A new name and logo were unveiled at Facebook headquarters after a much anticipated name change for the social media platform. (Photo by Justin Sullivan/Getty Images)

(The Hill) – Meta, the parent company of Facebook, on Thursday announced that it was taking action to crackdown on seven surveillance-for-hire companies that had attempted to target around 50,000 users.

The company detailed its concerns around the surveillance groups in a threat report released Thursday, noting that it had disabled accounts used by the groups, shared its findings with other platforms and security researchers, had issued cease and desist warnings to six of the groups, and was warning impacted individuals in over 100 countries. 


Those targeted included journalists, human rights activists, government dissidents, families of opposition members, members of the clergy, and many others.

The companies Meta took action against, after a months-long investigation, were Israeli firm Cobwebs Technologies, whose spyware had been used to collect information on targets across a variety of social media platforms and the dark web. A second Israeli company, Cognyte, was also among those impacted by the actions announced Thursday, with 100 Facebook and Instagram accounts linked to Cognyte taken down.

Other companies impacted were Israeli-based groups Black Cube and Bluehawk CI, with 400 Facebook and Instagram accounts taken down connected to the two, India-based BellTroX, with 400 Facebook accounts posing as politicians and journalists taken down, and North Macedonian company Cytrox, which was tied to 300 Facebook and Instragram accounts that were removed.

The seventh group studied by Facebook was an unidentified Chinese entity, which was the only group that Meta was unable to issue a cease and desist order to. The Chinese entity was linked to 100 Facebook and Instagram accounts that were developing spyware for most operating systems, including iOS, Android, and Windows.

Nathaniel Gleicher, the head of Security Policy at Facebook, told reporters ahead of the report’s release that the online surveillance industry is akin to “indiscriminate targeting on behalf of the highest bidder.”

“Cyber mercenaries often claim that their services and surveillance ware are meant to focus on tracking criminals and terrorists, but our investigations and similar investigations by indepdendent researchers, our industry peers, and governments have demonstrated that the targeting is in fact indiscriminate,” Gleicher said.

The report was released amid the ongoing fallout of the addition of Israel company NSO Group to the Commerce Department’s “entity list” last month.

The move effectively blacklisted the company, and the step was taken over allegations that its Pegasus spyware had been sold to foreign governments that used to crackdown on dissidents and other groups. Since then, NSO Group has been in freefall, with The Wall Street Journal reporting earlier this week that executives were considering selling the business.

The Commerce Department also blacklisted three other companies–Israeli company Candiru,  Russian group Positive Technologies, and Singapore’s Computer Security Initiative Consultancy–over similar concerns.

Despite the actions taken by the U.S. government, Gleicher and other researchers stressed in the report the need to do more to protect consumers.

“For our collective response against abuse to be effective, it is imperative for technology platforms, civil society and democratic governments to raise the costs on this global industry and disincentivize these abusive surveillance-for-hire services,” the researchers wrote. “Our hope with this threat report is to contribute to this global effort and help shine the light on this industry.”