Microsoft says Israeli group sold tools to hack Windows

Must read

How to disable and delete Samsung Pay from your Galaxy phone

When it comes to paying conveniently, Samsung Pay makes using your phone as a bank card an easy process; however, there may come...

Best OnePlus Nord N200 5G cases 2021

Best OnePlus Nord N200 5G cases Android Central 2021 The best OnePlus Nord N200 5G cases will protect your new sleek device and keep its 90Hz Full...
Bhawani Singhhttps://techmepro.com
I am a blogger who believes in delivering latest tech news from around the world to my viewers.

An Israeli group sold a tool to hack into Microsoft Windows, Microsoft and technology human rights group Citizen Lab said on Thursday, shedding light on the growing business of finding and selling tools to hack widely used software.

The hacking tool vendor, named Candiru, created and sold a software exploit that can penetrate Windows, one of many intelligence products sold by a secretive industry that finds flaws in common software platforms for their clients, said a report by Citizen Lab.


Technical analysis by security researchers details how Candiru’s hacking tool spread around the globe to numerous unnamed customers, where it was then used to target various civil society organizations, including a Saudi dissident group and a left-leaning Indonesian news outlet, the reports by Citizen Lab and Microsoft show.

Attempts to reach Candiru for comment were unsuccesful.

Evidence of the exploit recovered by Microsoft Corp suggested it was deployed against users in several countries, including Iran, Lebanon, Spain and the United Kingdom, according to the Citizen Lab report.


“Candiru’s growing presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse,” Citizen Lab said in its report.

Microsoft fixed the discovered flaws on Tuesday through a software update. Microsoft did not directly attribute the exploits to Candiru, instead referring to it as an “Israel-based private sector offensive actor” under the codename Sourgum.

“Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure, and internet-connected devices,” Microsoft wrote in a blog post. “These agencies then choose who to target and run the actual operations themselves.”

Candiru’s tools also exploited weaknesses in other common software products, like Google’s Chrome browser.

On Wednesday, Google released a blog post where it disclosed two Chrome software flaws that Citizen Lab found connected to Candiru. Google also did not refer to Candiru by name, but described it as a “commercial surveillance company.” Google patched the two vulnerabilities earlier this year.

Cyber arms dealers like Candiru often chain multiple software vulnerabilities together to create effective exploits that can reliably break into computers remotely without a target’s knowledge, computer security experts say.

Those types of covert systems cost millions of dollars and are often sold on a subscription basis, making it necessary for customers to repeatedly pay a provider for continued access, people familiar with the cyber arms industry told Reuters.

“No longer do groups need to have the technical expertise, now they just need resources,” Google wrote in its blog post.

This story has been published from a wire agency feed without modifications to the text.

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Never miss a story! Stay connected and informed with Mint.
Download
our App Now!!

Source link

More articles

Leave a Reply

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

- Advertisement -

Latest article

Finding answers to the world’s drinking water crisis

However, this may not matter. A study conducted by scientists from Israel's Tel Aviv University found that even in urban areas such as...

Realme to Start Export of ‘India-Made’ Smartphones to Nepal From Q3

In India, Realme - with a 14.6 per cent market share in the June 2021 quarter.Realme is among the top four smartphone brands...

Rainbow Six Siege hints at a new Extraction themed event on the Consulate map

Rainbow Six Siege developers at Ubisoft seem to be teasing an upcoming event on the Consulate map. From what we have seen so...

AMD Radeon RX 6600 XT Graphics Cards Announced for 1080p Gaming

AMD has unveiled the new Radeon RX 6600 XT mid-range GPU, aimed at gamers who want to target high performance and high refresh...
- Advertisement -