- by theverge
- 30 Oct 2024
Researchers have found new evidence that suggests spyware made by an Israeli company that was recently blacklisted in the US has been used to target critics of Saudi Arabia and other autocratic regimes, including some readers of a London-based news website.
A report by Montreal-based researchers from Slovakian company Eset, an internet security firm, found links between attacks against high-profile websites in the Middle East and UK, and the Israeli company Candiru, which has been called Israelâs âmost mysterious cyberwarfare companyâ.
Candiru and NSO Group, a much more prominent Israeli surveillance company, were both added to a US blacklist this month after the Biden administration took the rare step of accusing the firms of acting against US national security interests.
The Eset report revealed new information about so-called âwatering hole attacksâ. In such attacks, spyware users launch malware against ordinary websites that are known to attract readers or users who are considered âtargets of interestâ by the user of the malware.
The sophisticated attacks allow the malware user to identify characteristics about the individuals who have visited the website, including what kind of browser and operating system they are using. In some cases the malware user can then launch an exploit that allows them to take over an individual targetâs computer.
Unlike NSO Groupâs signature spyware, which is called Pegasus and infects mobile phones, Candiruâs malware is believed by researchers to infect computers. The company appears to be named after a parasitic freshwater catfish that can be found in the Amazon.
The researchers found that the websites that were âknown targetsâ of this kind of attack included Middle East Eye, a London-based news website, and multiple websites associated with government ministries in Iran and Yemen.
A Delta Air Lines flight bound for New York City from Las Vegas made an emergency landing shortly after takeoff on October 29, 2024, due to fumes in the cockpit. Flight DL2133, originating from Harry Reid International Airport (LAS) in Las Vegas and destined for LaGuardia Airport (LGA) in New York, reported an issue within minutes of departure, leading the crew to declare an emergency and return to the Las Vegas airport for a safe landing.
read more