Meta accused these 'cyber mercenaries' of targeting journalists, critics of authoritarian regimes, dissidents, families of opposition members and human rights activists across the Internet in over 100 countries.
Facebook owner Meta has identified at least seven 'cyber mercenaries', including one that operated in India, which used to target users to collect intelligence by compromising their devices and accounts across the Internet.
The report, released late Thursday night (IST), noted that Meta had disabled these seven 'cyber mercenaries' who targeted journalists, critics of authoritarian regimes, dissidents, families of opposition members and human rights activists across the Internet in over 100 countries.
The explosive report noted how these seven global surveillance-for-hire entities were operating out of four countries -- China, Israel, India, and North Macedonia. In India, this nefarious activity was allegedly being carried out by New Delhi-based BellTroX Infotech Services. Meta says it removed about 400 Facebook accounts -- a majority of which were inactive for years -- that were being used to send malicious links and for surveillance and social engineering.
The six other firms identified by Facebook include:
a) Cobwebs Technologies
Location: Israel, but has offices in the United States
Meta Accusation: Enables reconnaissance across the Internet, including top social media platforms, WhatsApp, public and 'dark web' websites.
b) Cognyte (formerly WebintPro)
Location: Israel
Meta Accusation: Enables managing fake accounts across social media platforms and other websites to social-engineer people and collect data
c) Black Cube
Location: Israel
Meta Accusation: Provides surveillance services that include social engineering and intelligence gathering
d) Bluehawk CI
Location: Israel, but has offices in the United States and the United Kingdom
Meta Accusation: The firm sells surveillance-for-hire activities that include managing fake accounts to trick people into installing malware and gathering litigation-related intelligence about them.
e) Cytrox
Location: North Macedonia
Meta Accusation: Develops, exploits and sells surveillance tools and malware that enable its clients to compromise iOS and Android devices
f) Unknown Entity
Location: China
Meta Accusation: Developing surveillanceware for iOS, Android, Windows, Mac OS X, Linux and Solaris operating systems. It also engaged in reconnaissance and social engineering activity before delivering a malicious payload to its targets.
Meta claims that the BellTroX activity on its platform was regularly happening between 2013 to 2019, after which it paused. The West Delhi-based firm allegedly operated fake accounts to impersonate a politician and pose as journalists and environmental activists to social-engineer its targets to solicit information including their email addresses, likely for phishing attacks at a later stage, Meta reported.
To recall, an investigation done by international wire service Reuters last year mentioned how tens of thousands of malicious messages were allegedly sent by BellTroX between 2013 and 2020 that were aimed at tricking targetted individuals into giving up their passwords. Until last year, BellTroX employees on LinkedIn highlighted email penetration, corporate espionage, phone pinging, and cyber intelligence as their skillsets.
Meanwhile, Meta said it had notified around 50,000 people the company believed were targeted by these malicious activities worldwide. According to the Meta report, while these cyber mercenaries claim that their focus is only to track down criminals and terrorists, time and again, independent researchers and industry peers have shown how the surveillanceware is used to indiscriminately target journalists, dissidents, critics of authoritarian regimes, families of opposition and human rights activists.
Also Read: Google rewards India's Rony Das $5,000 for discovering, reporting bug
Also Read: Apple delays return to office, announces $1,000 bonus to all employees