The hacking tool vendor named Candiru has created and sold a software exploit that can penetrate Windows.
An Israeli group has sold a tool to hack Microsoft Windows, Microsoft and human rights group Citizen Lab said Thursday, highlighting the growing activity of finding and selling tools to hack widely used software.
(Subscribe to our Today’s Cache newsletter for a quick rundown of the 5 best tech stories. Click here to subscribe for free.)
Hacking tool vendor named Candiru has created and sold a software exploit that can penetrate Windows, one of many intelligence products sold by a secret industry that finds loopholes in common software platforms for their customers. , according to a Citizen Lab report.
Technical analysis by security researchers details how Candiru’s hack tool spread around the world to many anonymous customers, where it was then used to target various civil society organizations, including a Saudi dissident group and Indonesian left-wing media, according to Citizen Lab reports. and Microsoft show.
Attempts to reach Candiru for comment were unsuccessful.
According to the Citizen Lab report, evidence of the exploit recovered by Microsoft Corp suggests that it was deployed against users in several countries, including Iran, Lebanon, Spain and the United Kingdom.
âThe growing presence of Candiru and the use of its surveillance technology against global civil society is a powerful reminder that the mercenary spyware industry has many players and is subject to widespread abuse,â Citizen Lab said in his report.
Microsoft corrected the flaws discovered on Tuesday via a software update. Microsoft did not directly attribute the exploits to Candiru, instead calling him an “offensive Israel-based private sector player” under the code name Sourgum.
Read also | Microsoft Says New Breach Discovered In SolarWinds Suspected Hacker Investigation
“Sourgum typically sells cyber weapons that allow its customers, often government agencies around the world, to hack into the computers, phones, network infrastructure, and Internet-connected devices of their targets,” Microsoft wrote in an article by blog. “These agencies then choose who to target and execute the operations themselves.”
Candiru’s tools also exploited weaknesses in other popular software products, like Google’s Chrome browser.
Google published a blog post on Wednesday revealing two Chrome software flaws that Citizen Lab found related to Candiru. Google also did not refer to Candiru by name, but described it as a “trade watch company”. Google fixed both vulnerabilities earlier this year.
Computer weapons dealers like Candiru often string together multiple software vulnerabilities to create effective exploits that can reliably break into remote computers without the target’s knowledge, according to computer security experts.
These types of secret systems cost millions of dollars and are often sold on a subscription basis, forcing customers to repeatedly pay a vendor for continued access, people familiar with the cyber weapons industry told Reuters.
âGroups don’t need to have technical expertise anymore, now they just need resources,â Google wrote in its blog post.