Skip to main content

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India.



Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages.


The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S. and India, that targeted individuals in about 200 countries.


"The global surveillance-for-hire industry continues to grow and indiscriminately target people – including journalists, activists, litigants, and political opposition – to collect intelligence, manipulate and compromise their devices and accounts across the internet," the company noted in a report published last week.


The networks that were found to engage in coordinated inauthentic behavior (CIB) originated from 68 countries. More than 100 nations are said to have been targeted by at least one such network, either foreign or domestic.


With 34 operations, the U.S. emerged as the most frequently targeted nation during the five-year period, followed by Ukraine (20) and the U.K. (16).


The top three geographic sources of CIB networks during the same timeframe were Russia (34), Iran (29), and Mexico (13). On top of that, an Iranian network disrupted by Meta in April 2020 focused on 18 countries at a time, indicating the scope of foreign interference in these campaigns.


"Notably, both our first takedown and our 200th takedown were of CIB networks originating from Russia," Meta's Ben Nimmo and David Agranovich said. "The latter takedown targeted Ukraine and other countries in Europe."


The activity, the details of which the company first disclosed in September 2022, has since been attributed as the work of two companies, Structura National Technologies and Social Design Agency (Агентство Социального Проектирования), located in the country.




That said, CIB networks run across the world have often been found targeting people in their own country, not to mention have a cross-platform presence that go beyond Facebook and Instagram to encompass Twitter, Telegram, TikTok, Blogspot, YouTube, Odnoklassniki, VKontakte, Change[.]org, Avaaz, and LiveJournal.


Meta further highlighted a "rapid rise" in the use of profile pictures created through artificial intelligence techniques like generative adversarial networks (GAN) since 2019 in a bid to pass off rogue accounts as more authentic and evade detection.


Tackling Platform Abuse by Spyware Entities#

In a related report on surveillance-for-hire operations, the Menlo Park-based company said it removed a network of 130 accounts created by an Israeli company named Candiru that used these fake accounts to test phishing capabilities by sending malicious links designed to deploy malware.


A second set of 250 accounts on Facebook and Instagram linked to another Israeli company called QuaDream was found "engaged in a similar testing activity between their own fake accounts, targeting Android and iOS devices in what we assess to be an attempt to test capabilities to exfiltrate various types of data including messages, images, video and audio files, and geolocation."


Both Candiru and QuaDream were founded by former employees of NSO Group, a controversial cyber intelligence firm that has come under fire for selling its invasive technology, Pegasus, to governments with poor human rights records.


What's more, Meta said it removed more than 5,000 accounts belonging to companies such as Social Links, Cyber Globes, Avalanche, and an unattributed entity in China that used the fraudulent accounts to scrape publicly available information and market "web intelligence services."


Nearly 3,700 of those Facebook and Instagram accounts were attributed to Social Links, with the China-based network of 900 accounts targeting military personnel, activists, government employees, politicians, and journalists in Myanmar, India, Taiwan, the U.S., and China.


Besides relying on fake accounts, spyware vendors have also been caught relying on other legitimate tools to conceal their origin and conduct malicious activities. One such example is the Indian hack-for-hire firm CyberRoot, which utilized a marketing solution known as Branch to create, manage, and track phishing links.


CyberRoot has also been estimated to operate over 40 fictitious accounts that impersonated journalists, business executives, and media personalities to gain the trust of targets and send phishing links spoofing services like Gmail, Zoom, Facebook, Dropbox, Yahoo, OneDrive, and Outlook to steal their credentials.


Law firms, cosmetic surgery clinics, real estate companies, investment and private equity firms, pharmaceuticals, media houses, activist groups, and gambling entities are believed to have been targeted by the mercenary actor.


spyware entities

CyberRoot is the second Indian surveillance-for-hire firm to come under the radar after BellTroX, whose accounts were flagged and disbanded by the company in 2021. Coincidentally, it's also said to have been assisted by BellTroX in the past.

"These companies are part of a sprawling industry that provides intrusive software tools and surveillance services indiscriminately to any customer — regardless of who they target or the human rights abuses they might enable," Meta said.


"In a sense, this industry 'democratizes' these threats, making them available to government and non-government groups that otherwise wouldn't have these capabilities to cause harm."


Source; THN.



Comments

Popular posts from this blog

Escaped Murder Suspect Finally Arrested in Yumbe Regional Referral Hospital, Yumbe District.

Story by Osuta Yusuf. 19-November-2024. 📸: Eyotre Kennedy handcuffed on bed while receiving medication this morning at Yumbe Regional Referral Hospital in Yumbe District. Eyotre Kennedy originating from Etoko village, Nyoroo Parish, Nyadri Sub-county in Maracha District who has for many years been terrorizing residents in his village, has finally been arrested this Monday morning 19-November-2024 while receiving treatment at Yumbe Regional Referral Hospital in Yumbe District following injuries he sustained from Theft mission on Saturday night 16-November-2024 in Owapi village, Azapi parish in Odupi Sub-county, Terego East Constituency in Terego District. Click here on the link  https://informationispowah.blogspot.com/2024/11/fugitive-who-chopped-3-people-killed.html   to read the story on his Theft of Goats in Terego. Upon getting cut on the finger and leg by the Mob as he attempted to fight and overpower owner of the goats he attempted to steal on Saturday night ...

41-Years-Old Man Digs His Own Grave in Maracha District.

Story by Osuta Yusuf.  Maracha District.  📸: The grave been dug by Mr Opiga Michael, a victim of frustration. Photo taken by Osuta Yusuf , on Wednesday 11-September-2024. The residents of Ebapi village, Baria Parish in Nyadri Sub-county, Maracha east constituency, Maracha District are in shock after a 41 year old man started digging his own grave. The man, identified as Mr Opiga Michael, who seems to be frustrated over some challenges in life, started digging his own grave on Tuesday 10-September-2024 until he was stopped by the elders in Nyaria clan. 📸: Opiga Michael, the Victim of Frustration. Photo by Osuta Yusuf , Information is Power. While speaking to our reporter on Wednesday evening 11-September-2024, Mr Opiga Michael, said, his main plan  was to commit suicide after finishing digging the grave for burying himself, explained that, he feels frustrated, abandoned and hated by his own clan people, whom he accused of piling lies against him a...

Wedded Ayivu West MP Lematia John Fights Over Another Woman.

  📸: Hon Lematia John. By URN. Police in Arua district are investigating a case of assault and threatening violence involving the Member of Parliament for Ayivu West Constituency John Lematia and James Ariko, a DSTV technician in Arua city. Drama ensued on Easter Sunday 31-3-2024 at Dream Land Hotel located at Kuluva trading center along Arua-Nebbi highway in Arua district when the legislator and the technician engaged in a fight reportedly over a woman identified as Faith Eyotaru 25, a relationship officer at Victoria University Kampala. The scuffle started after Ayivu West Mp John Lematia went to swim at Dreamland Hotel with Faith Eyotaru only to find Ariko, who had gone to the same hotel earlier. However, upon seeing the duo coming out of the vehicle, Ariko confronted Lematia with both men claiming to be having a relationship with the lady. It took the intervention of the staff at the hotel who intervened and separated the fight between the men. Josephine Angucia, the West Nil...