Meta exposes spy companies targeting 50,000 people

According to a report published Thursday, Facebook owner Meta Platforms is exposing half a dozen private surveillance companies for hacking or other abuses, accusing them of collectively targeting about 50,000 people across its platforms.

As such, Meta banned seven “surveillance for hire” companies that targeted those people and banned more than 1,000 accounts associated with these companies.

Users affected by the activity would get automated warnings they had been impacted without giving specifics, Meta officials said.

Some companies make spyware while others use different tactics, including social engineering with fake accounts, to gain access to targets’ personal information.

Meta’s security chief Nathaniel Gleicher said that while there has been a lot of attention on “hacking for hire” groups like NSO, the broader “surveillance for hire” industry is also troubling. “One of the things that characterize the surveillance or hire industry is indiscriminate targeting,” he said.

“Cyber mercenaries often claim that their services and their surveillance are meant to focus on tracking criminals and terrorists,” he noted.

“But our investigation and similar investigations have demonstrated that the targeting is, in fact, indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opposition figures, and human rights activists,” Gleicher added.

However, Meta says it will notify around 50,000 people from more than 100 countries who it believes were targeted by these companies. Facebook will recommend these users revisit their privacy settings and enable additional account security measures like two-factor authentication.

Therefore, the report further scrutinizes the surveillance industry, following on from allegations earlier this year about the Pegasus spyware targeting thousands.

Facebook is already taking legal action against the owners of Pegasus – NSO Group – over the alleged spreading of software via WhatsApp. Last month, the U.S. government blacklisted the firm and others, accusing them of providing spyware for foreign governments to “maliciously target” individuals.

Gleicher highlighted that investigators had found targeting that was “indiscriminate,” including ordinary members of the public as well as high-profile figures like politicians and human rights advocates.

It is worth mentioning that among the firms named by Meta was the Israeli firm Black Cube, which rose to prominence after it emerged Harvey Weinstein had hired them to spy on women accusing him of sexual assault.

In a statement to Reuters, Black Cube denied undertaking “phishing or hacking” and said all of its agents’ activities were “fully compliant with local laws.”