(San Francisco) Meta said Thursday it has closed some 1,500 Facebook and Instagram accounts linked to “cyber mercenaries” who have used them to spy on up to 50,000 activists, dissidents and journalists on behalf of clients around the world.
The accounts in question were connected to seven companies offering services ranging from collecting public information online, using fake identities to connect with targets to digital espionage via hacking.
Meta, the new name of Mark Zuckerberg’s group, claims to have alerted some 50,000 people who may have been targeted.
“These cyber-mercenaries often claim that their services only target criminals and terrorists,” said Meta in a report.
“Their targeting is in fact indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opposition members and human rights activists,” the company adds.
Four of the companies involved are based in Israel, a country renowned in the cybersurveillance sector: Cobwebs Technologies, Cognyte, Black Cube and Bluehawk CI.
The other three are India-based BellTroX, North Macedonia-based Cytrox, and an unidentified China-based company.
These companies “seem ready to target anyone on behalf of the highest bidder,” said Nathaniel Gleicher, head of security, during a press briefing.
They generally present themselves as “internet intelligence services”, specializing in the collection and analysis of information retrieved from sites, blogs, discussion forums, media pages, etc.
– Sensitive data –
Cyber-mercenaries sometimes create fake social media accounts to glean even more personal items, even joining the groups or conversations these people participate in.
Companies also sometimes try to gain the trust of their target before deceiving them by sending them trapped links or attachments and thus fraudulently gain access to their phones or computers.
They can then recover sensitive data like passwords, phone numbers, photos, videos and messages, the report describes. They can also activate microphones, cameras or geolocation functions to better spy.
For Democratic parliamentarian and chairman of a congressional intelligence committee, Adam Schiff, this Meta announcement “makes it clear that more needs to be done to stop this mercenary market.”
Meta could not determine who ran the company operating from China, but found that some of the servers used for espionage also appeared to be used by law enforcement officers.
“Our investigation revealed that malicious tools were being used to monitor minority groups throughout the Asia-Pacific region, including the Xinjiang region of China, Burma and Hong Kong,” the report said.
One of the companies targeted, Cytrox, was also accused Thursday by researchers from Citizen Lab, the cybersecurity organization of the University of Toronto, of having developed software used to spy on at least two Egyptians, a politician in exile, Ayman Nour, and host of a popular news program, who wished to remain anonymous.
Another company targeted by Meta, Black Cube, on Thursday denied the accusations to AFP, saying it was not carrying out any hacking operation or even operating in the “cyber world”. Black Cube, says the company, is a legal aid firm using legal methods to obtain information on litigation.