Meta (formerly known as Facebook) has announced it will ban seven surveillance-for-hire entities in order to prevent their spying activities on social media after a months-long investigation.
According to the report, these firms targetted individuals in over 100 countries, potentially affecting 48,000 victims, ranging from journalists to human rights activists. The entities are based in China, Israel, India, and North Macedonia. In a disciplinary action, they were banned from the platform, and Meta announced it has reached out to security professionals and other social media providers to encourage them to adopt similar measures.
The following organizations were banned:
Cobwebs Technologies - an Israeli company with over 200 accounts. Operated via selling access to their infrastructure and employing social engineering tactics to obtain sensitive data of online users. This information was sold to clients across the world, including the US and China, and targeted political activists and opposition leaders in Hong Kong and Mexico.
Cognyte - an Israeli organization with approximately 100 accounts. Worked in a similar manner by providing access to fake accounts to customers in Israel, Serbia, Colombia, Kenya, Morocco, Mexico, Jordan, Thailand, and Indonesia. Primarily targeted journalists and political leaders.
Black Cube - an Israeli organization with approximately 300 accounts. Used their accounts to pose as credible individuals in order to gather information and obtain personal data, later used for phishing and social engineering campaigns. Provided that information to customers across the world, including businesses, NGOs, individuals, and law firms. Their targets included people from different sectors and countries, such as the medical, mining, and energy industries, as well as Russian universities, high-tech, finance, and legal professionals.
Bluehawk CI - an Israel-based company with 100 accounts. Offered various services, including social engineering campaigns, malware, and gathering of intelligence. By posing as media professionals, attempted to trick users into having a recorded interview with them, targeting political opponents and businessmen in different countries.
BellTroX - a Delhi-based firm with around 400 accounts. Similarly, posed as credible sources to trick people into providing personal information, which would later be used for social engineering and phishing campaigns. The entity also participated in spreading malicious links. Their targets included lawyers, doctors, and activists.
Cytrox - a North Macedonian entity with approximately 300 accounts. Operated by distributing surveillance tools and malware to infect iOS and Android devices. Also were involved in phishing and social engineering campaigns, similarly by posing as credible sources. Their targets included government workers, politicians, and journalists, and they sold their services to customers in various countries, including Egypt, Greece, Saudi Arabia, and Germany.
An unidentified organization - a Chinese firm with 100 accounts, which is not identified by name. Operated via conducting social engineering campaigns, spreading malware, and developing malware tools for Android, iOS, Windows, and many operating systems. Their customers were based across the world, but the activities were mostly targeted at the Asia-Pacific region, with the aim to spy on local minorities.
What do surveillance-for-hire firms do?
Such entities operate by providing surveillance and malware tools to customers globally with little to no differentiation between them. They also work via employing social engineering and phishing campaigns to trick users into revealing sensitive information, which would later allow to either gather information about them or infect their devices.
While surveillance-for-hire firms usually state that they are operating out of benevolent motives, such as spying on criminals, Meta’s report suggests that there is little discrimination in targets, which often include minorities, oppositional leaders, and journalists. Through their customer-based business model, anyone from big agencies to individuals can participate in criminal activity, thus fueling the cybercrime market.
More from CyberNews
Subscribe to our newsletter