Selloff or Market Correction? Either Way, Here's What to Do NextSee Overvalued Stocks

Facebook exposes mercenary spy firms that targeted 50,000 people

Published 12/16/2021, 03:06 PM
Updated 12/17/2021, 02:58 AM
© Reuters. FILE PHOTO: A 3D printed Facebook's new rebrand logo Meta and Facebook logo are placed on laptop keyboard in this illustration taken on November 2, 2021. REUTERS/Dado Ruvic/Illustration/File Photo
META
-
VRNT
-
TWTR
-

By Raphael Satter and Elizabeth Culliford

WASHINGTON (Reuters) - Facebook (NASDAQ:FB) owner Meta Platforms Inc is calling out half a dozen private surveillance companies for hacking or other abuses, accusing them in a report published Thursday of collectively targeting about 50,000 people across its platforms.

The company's fight with the spy firms comes amid a wider move by American tech companies, U.S. lawmakers and President Joe Biden's administration against purveyors of digital espionage services, notably the Israeli spyware company NSO Group, which was blacklisted earlier this month following weeks of revelations about how its technology was being deployed against civil society.

Meta is already suing NSO in a U.S. court. Nathaniel Gleicher, Meta's head of security policy, told Reuters that Thursday's crackdown was meant to signal that "the surveillance-for-hire industry is much broader than one company."

Meta's report said it was suspending roughly 1,500, mostly fake accounts run by seven organizations across Facebook, Instagram and WhatsApp. Meta said the entities targeted people in more than 100 countries.

Meta did not provide a detailed explanation of how it identified the surveillance firms, but it operates some of the world's biggest social and communications networks and regularly touts its ability to find and remove malicious actors from its platforms.

Among them is Israel's Black Cube, which became notorious for deploying its spies on behalf of Hollywood rapist Harvey Weinstein. Meta said the intelligence firm was deploying phantom personas to chat its targets up online and gather their emails, "likely for later phishing attacks."

In a statement, Black Cube said it "does not undertake any phishing or hacking" and said the firm routinely ensured "all our agents' activities are fully compliant with local laws."

Others called out by Meta include BellTroX, an Indian cyber mercenary firm exposed by Reuters and the internet watchdog Citizen Lab last year, an Israeli company called Bluehawk CI, and a European firm named Cytrox - all of whom Meta accused of hacking.

Cognyte, which was spun off from security giant Verint Systems (NASDAQ:VRNT) Inc in February, and Israeli firms Cobwebs Technologies were accused not of hacking but of using fake profiles to trick people into revealing private data.

Cognyte, Verint and Bluehawk did not immediately return messages seeking comment.

In an email, Cobwebs spokesperson Meital Levi Tal said the company drew on open sources and that its products "are not intrusive by any means." Messages left with Ivo Malinovski – who until recently identified himself as Cytrox's chief executive on LinkedIn – received no immediate response. BellTroX founder Sumit Gupta has not returned Reuters reporters' messages since his firm was exposed last year. He had previously denied wrongdoing.

Gleicher refused to identify any of the targets by name but Citizen Lab, in a report published at the same time as Meta's, said that one of Cytrox's victims was Egyptian opposition figure Ayman Nour.

Nour blamed the Egyptian government for the spying, telling Reuters in an interview from Istanbul that he had long suspected he was under surveillance by officials there.

"For the first time I have evidence," he said.

Egyptian authorities did not immediately respond to a request for comment.

Gleicher said other targets of the spy firms included celebrities, politicians, journalists, lawyers, executives and regular citizens. Friends and family of the targets were also swept up in the espionage campaigns, he said.

Meta cybersecurity official David Agranovich said he hoped Thursday's announcement would "kickstart the disruption of the surveillance-for-hire market." There were some signs that other social media firms were taking similar action, with Twitter (NYSE:TWTR) announcing the removal of 300 accounts a few hours after Meta's announcement.

Whether the takedowns deal the companies involved more than a temporary setback remains to be seen. Two of the companies, Black Cube and BellTroX, have bounced back after being embroiled in previous spy scandals.

Gleicher said that targets of the spy firms would receive automated warnings, but he said Facebook would stop short of identifying the specific firms involved or their clients. That's despite the fact that Facebook said it had identified several customers of Cobwebs, Cognyte, Cytrox, and Black Cube - the latter of which includes law firms.

© Reuters. FILE PHOTO: A Facebook logo is displayed on a smartphone in this illustration taken January 6, 2020. REUTERS/Dado Ruvic/Illustration

Marta Pardavi, one of several Hungarian human rights defenders who say they were targeted by Black Cube in 2017 and 2018, said she was gratified by the news of Facebook's report but wanted more information.

"They name law firms," she said. "But law firms have clients. Who are the clients for these law firms?"

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.