[HN Gopher] Hooking Candiru: Another mercenary spyware vendor co...
___________________________________________________________________
Hooking Candiru: Another mercenary spyware vendor comes into focus
Author : colinprince
Score : 149 points
Date : 2021-07-16 13:21 UTC (9 hours ago)
(HTM) web link (citizenlab.ca)
(TXT) w3m dump (citizenlab.ca)
| weeweww32 wrote:
| oy vey
| 1cvmask wrote:
| The other Israeli hacking company was NSO Group which was
| allegedly used in the killing of Khashoggi:
|
| https://www.business-humanrights.org/en/latest-news/nso-grou...
| srean wrote:
| Also for targeting activists in India to arrest them on trumped-up
| charges and planted evidence on the Bhima Koregaon case. All of
| them are being held without trial -- a norm of sorts for the
| current Indian government.
|
| The held include activists, reputed professors from IIT.
|
| https://citizenlab.ca/?s=koregaon
|
| https://www.washingtonpost.com/world/2021/04/20/india-bhima-...
| (paywalled)
|
| https://www.washingtonpost.com/world/2021/07/06/bhima-korega...
| (paywalled)
|
| https://www.washingtonpost.com/context/new-forensics-report-...
| (downloadable report)
| hkon wrote:
| I am curious as to how exactly the spyware got on the victims'
| computers. In the Microsoft blog, they mention a chain of
| exploits. But it could be interesting to understand how they are
| able to target an individual system with such precision.
| afrcnc wrote:
| Can we submit non-paywalled links? Like the actual source:
| https://citizenlab.ca/2021/07/hooking-candiru-another-mercen...
| floatingatoll wrote:
| The mods have since responded that they've fixed it, but in the
| future, if you'd like them to respond sooner, you can email
| them about stuff like this using the footer contact link and
| they can usually fix it rapidly.
| qwerty456127 wrote:
| As a society, we absolutely have to start actively developing
| software (OS in the first place) and hardware with privacy as a
| topmost priority. Using Windows and common Windows apps leaves
| bizarrely many tracks on the computer. Just take a look at one of
| the many resources on "computer forensics" and you'll see.
|
| And I doubt this can be addressed without decreasing complexity.
| deregulateMed wrote:
| I wonder if those supposedly secure Linux distros are actually
| secure.
|
| Anything from MS, Google, and Apple cannot be trusted.
| ipaddr wrote:
| KDE Linux is popular.
| [deleted]
| dogma1138 wrote:
| Microsoft didn't attribute it to an Israeli firm, Citizen Lab
| did.
|
| Another article on this also showed pricing reported by Citizen
| Lab, $1.8 per 10 devices. If this is true, this market will be
| exploding unless it is heavily regulated.
| dang wrote:
| We've changed the title from "Israeli Firm's Spyware Used
| Against Dissidents, Microsoft Says" as part of changing the URL
| from
| https://www.bloomberg.com/news/articles/2021-07-15/israeli-f...
| to the report it points to.
| [deleted]
| dogleash wrote:
| >Microsoft doesn't name Candiru but instead refers to an
| "Israel-based private sector offensive actor" it calls Sourgum.
|
| https://blogs.microsoft.com/on-the-issues/2021/07/15/cyberwe...
|
| >We believe Sourgum is an Israel-based private sector offensive
| actor or PSOA.
| dogma1138 wrote:
| > We believe Sourgum is an Israel-based private sector
| offensive actor or PSOA. Citizen Lab has identified the group
| as a company called Candiru. Sourgum generally sells
| cyberweapons that enable its customers, often government
| agencies around the world, to hack into their targets'
| computers, phones, network infrastructure and internet-
| connected devices.
| ManBlanket wrote:
| I just want to point out Candiru is a fish that supposedly
| wriggles up someone's ding-dong when they pee in Amazonian
| rivers while swimming? I'm... gravely... skeptical that it
| ever actually happens, if I were to guess it's one of those,
| "I fell on it while getting dressed" situations that are
| occasionally explained to amused ER doctors. Maybe even one
| of those, "they put a chemical in the pool that makes the
| water turn purple when you pee." Whatever the deal with
| Candiru is, at some point someone suggested naming their
| spyware after the urethra fish. They might be making the
| world a worse place, but you can't say they don't have a
| sense of humor about it.
| randomhodler84 wrote:
| Oh I don't see humor in it at all. These guys picked the
| name of something that crawls up your urethra because that
| is how they saw themselves. These are Monsters, not people.
| [deleted]
| tgragnato wrote:
| Funny thing is that they used zcombinator[.]co for one of their
| C2
| colinprince wrote:
| Let's link to a non-paywalled article:
| https://citizenlab.ca/2021/07/hooking-candiru-another-mercen...
|
| (instead of:
| https://www.bloomberg.com/news/articles/2021-07-15/israeli-f... )
| dang wrote:
| Changed.
___________________________________________________________________
(page generated 2021-07-16 23:00 UTC)