Israeli group sold hacking tools to spy on Windows

Microsoft along with technology human rights group Citizen Lab said on Thursday that an Israeli private firm named Candiru sold hacking tools that controls Microsoft Windows.  

The hackers created and sold a software than can penetrate Windows. This new growing business aim to find flows in common software platforms for their clients, according to a report by Citizen Lab.  

The clients of these hacking tool makers can be various civil society organizations. Citizen Lab and Microsoft separate reports said that these clients might include a Saudi rebel group and a left-leaning Indonesian news outlet. 

The hacking tool was deployed against users in several countries, including Iran, Lebanon, Spain, and U.K., according to the Citizen Lab report. 

“Candiru’s growing presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse,” Citizen Lab said in its report. 

It is worth mentioning that Microsoft fixed the discovered flaws on Tuesday through a software update, according to a Microsoft blog post

However, the tech giant did not directly attribute the exploits to Candiru, instead referring to it as an “Israel-based private sector offensive actor” under the codename Sourgum. 

“Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure, and internet-connected devices,” Microsoft wrote.  

In parallel, Google released on Wednesday a blog post where it disclosed two Chrome software flaws that Citizen Lab found connected to Candiru. Google also did not refer to Candiru by name but described it as a “commercial surveillance company.”