Security News Google Links Over 60 Zero-Days to Commercial Spyware Vendors

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,178
Content source
https://www.securityweek.com/google-links-over-60-zero-days-to-commercial-spyware-vendors/
More than 60 of the Apple, Adobe, Google, Microsoft, and Mozilla product zero-day vulnerabilities that have come to light since 2016 have been attributed to commercial spyware vendors, Google said in a new report published on Tuesday.

The tech giant’s report provides insights into the operations of companies that help governments install spyware on devices. While these commercial spyware vendors claim that their products and services are only used for lawful surveillance, typically for law enforcement purposes, numerous investigations have shown that oppressive regimes are using them to target political opponents, journalists, dissidents, and human rights defenders.
Click to expand...
Google’s Threat Analysis Group (TAG) currently tracks roughly 40 commercial spyware vendors that develop and sell exploits and malware to governments.

In its latest report, Google names 11 of these vendors, including Candiru, Cy4Gate, DSIRF, Intellexa, Negg, NSO Group, PARS Defense, QuaDream, RCS Lab, Variston, and Wintego Systems.
Click to expand...
 
  • +Reputation
  • Like
Reactions: upnorth, Andy Ful, SeriousHoax and 5 others
vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,492
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry.

The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.

"Their various malware included capabilities to collect and access device information, location, photos and media, contacts, calendar, email, SMS, social media, and messaging apps, and enable microphone,camera, and screenshot functionality," the company said.

The eight companies are Cy4Gate/ELT Group, RCS Labs, IPS Intelligence, Variston IT, TrueL IT, Protect Electronic Systems, Negg Group, and Mollitiam Industries.

These firms, per Meta, also engaged in scraping, social engineering, and phishing activity that targeted a wide range of platforms such as Facebook, Instagram, X (formerly Twitter), YouTube, Skype, GitHub, Reddit, Google, LinkedIn, Quora, Tumblr, VK, Flickr, TikTok, SnapChat, Gettr, Viber, Twitch and Telegram.
Click to expand...
thehackernews.com

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices

Meta uncovers a range of international spyware firms are actively targeting users across iOS, Android, and Windows devices.
thehackernews.com thehackernews.com
 
  • Like
  • +Reputation
Reactions: Andy Ful, simmerskool and silversurfer

Similar threads

vtqhtr413
    • Wow
    • +Reputation
    • Sad
US offering spyware to other countries? Uncle Sam confirms it's saying nothing
Replies
6
Views
1,449
News Archive
vtqhtr413
vtqhtr413
Gandalf_The_Grey
    • Like
    • +Reputation
Google: Android patch gap makes n-days as dangerous as zero-days
Replies
7
Views
1,212
News Archive
ForgottenSeer 97327
F
upnorth
    • Like
    • Wow
    • +Reputation
Emerging Heliconia Exploit Framework for RCE
Replies
1
Views
579
News Archive
upnorth
upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top