Facebook exposes mercenary spy companies that targeted 50,000 people

WASHINGTON, Dec.16 (Reuters) – Facebook owner Meta Platforms Inc (FB.O) calls half a dozen private watch companies for hacking or other abuse, accusing them in a report released Thursday of collectively targeting around 50 000 people on its platforms.

The company’s fight against spy companies comes amid broader action by US tech companies, US lawmakers and President Joe Biden’s administration against digital spy service providers, including Israeli spyware company NSO Group, which was blacklisted earlier this month after weeks of revelations about how its technology was being deployed against civil society.

Meta is already suing NSO in a US court. Nathaniel Gleicher, head of security policy at Meta, told Reuters that Thursday’s crackdown was intended to signal that “the rental surveillance industry is much larger than a single company.”

Register now for FREE and unlimited access to Reuters.com

Register

The Meta report said it was suspending around 1,500 accounts, mostly fake accounts managed by seven organizations on Facebook, Instagram and WhatsApp. Meta said the entities are targeting people in more than 100 countries.

Meta hasn’t provided a detailed explanation of how it identified surveillance companies, but it operates some of the world’s largest social and communications networks and regularly touts its ability to find and remove malicious actors from. its platforms.

Among them is Israel’s Black Cube, which has become notorious for deploying its spies on behalf of Hollywood rapist Harvey Weinstein. Meta said the intelligence firm was deploying ghost characters to chat online with its targets and collect their emails, “possibly for subsequent phishing attacks.”

In a statement, Black Cube said it “does not engage in any phishing or hacking” and said the company regularly ensures that “all activities of our agents are in full compliance with local laws.”

Other people called by Meta include BellTroX, an Indian cyber-merchant company denounced by Reuters and Internet watchdog Citizen Lab last year, an Israeli company called Bluehawk CI and a European company named Cytrox – which Meta accuses hacking.

Cognyte (CGNT.O), which was derived from security giant Verint Systems Inc (VRNT.O) in February, and Israeli companies Cobwebs Technologies were accused not of hacking but of using fake profiles to trick people into people to reveal private data.

Cognyte, Verint, and Bluehawk did not immediately return messages seeking comment.

A Facebook logo is displayed on a smartphone in this illustration taken on January 6, 2020. REUTERS / Dado Ruvic / Illustration

In an email, Cobwebs spokesperson Meital Levi Tal said the company relies on open sources and its products “are not intrusive in any way.” Messages left with Ivo Malinovsky – who until recently identified himself as the CEO of Cytrox on LinkedIn – received no immediate response. BellTroX founder Sumit Gupta has not responded to messages from Reuters reporters since his company was exposed last year. He had previously denied having committed any wrongdoing.

Gleicher declined to identify any of the targets by name, but Citizen Lab, in a report released alongside Meta’s, said one of Cytrox’s victims was Egyptian opposition figure Ayman Nour.

Nour blamed the Egyptian government for the espionage, telling Reuters in an interview from Istanbul that he had long suspected he was under surveillance by officials there.

“For the first time, I have proof,” he said.

Egyptian authorities did not immediately respond to a request for comment.

Gleicher said other targets of the spy companies included celebrities, politicians, journalists, lawyers, executives and ordinary citizens. Friends and family of targets have also been drawn into espionage campaigns, he said.

Meta cybersecurity chief David Agranovich said he hopes Thursday’s announcement “will trigger disruption in the rental surveillance market.” There were signs other social media companies were taking similar action, with Twitter announcing the deletion of 300 accounts within hours of Meta’s announcement.

It remains to be seen whether the cutbacks treat the companies involved more than a temporary setback. Two of the companies, Black Cube and BellTroX, have rebounded after being embroiled in previous spy scandals.

Gleicher said the targets of the spy companies would receive automated warnings, but he said Facebook would shut down before identifying the specific companies involved or their customers. This is despite the fact that Facebook said it has identified several clients of Cobwebs, Cognyte, Cytrox and Black Cube – the latter of which includes law firms.

Marta Pardavi, one of the many Hungarian human rights defenders who say she was targeted by Black Cube in 2017 and 2018, said she was happy with the news of the Facebook report but wanted more information.

“They appoint law firms,” she said. “But law firms have clients. Who are the clients of these firms? “

Register now for FREE and unlimited access to Reuters.com

Register

Reporting by Raphael Satter in Washington and Elizbeth Culliford in Birmingham, England; Additional reporting by Dominic Evans in Istanbul and Christopher Bing in Washington; Editing by Lisa Shumaker

Our Standards: Thomson Reuters Trust Principles.

About Chris Stevenson

Check Also

Fully vaccinated people always receive the omicron variant. here’s why

The omicron variant of the new coronavirus has changed the way the fully vaccinated world …