Mexican Drug Cartels with High-Tech Spyware

Sophisticated spyware, sold by surveillance tech companies to Mexican government agencies, is ending up in the hands of drug cartels:

As many as 25 private companies — including the Israeli company NSO Group and the Italian firm Hacking Team — have sold surveillance software to Mexican federal and state police forces, but there is little or no regulation of the sector — and no way to control where the spyware ends up, said the officials.

Lots of details in the article. The cyberweapons arms business is immoral in many ways. This is just one of them…

WhatsApp sues spyware maker for allegedly hacking phones worldwide

WhatsApp has publicly attributed the attack on its users in May 2019 to the Israeli spyware maker NSO Group.

WhatsApp Sues NSO Group

WhatsApp is suing the Israeli cyberweapons arms manufacturer NSO Group in California court: WhatsApp’s lawsuit, filed in a California court on Tuesday, has demanded a permanent injunction blocking NSO from attempting to access WhatsApp computer systems and those of its parent company, Facebook. It has also asked the court to rule that NSO violated US federal law and California state…

Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak

Forensic analysis shows a Chinese APT using Equation Group hacking tools at least a year before Shadow Brokers dumped its cache in April 2017.

Freedom House: Governments are turning cyberweapons on their own people

More and more governments are using cyberweapons like malware and distributed denial-of-service (DDoS) attacks against internal critics and dissidents, making online attacks the second-most-common form of repression after actual arrests, according to a new report from human rights group Freedom House. “Cyberattacks became more common due in part to the increased availability of relevant technology, which is sold in a weakly regulated market, and in part to inadequate security practices among many of the targeted groups,” the group states in its 2017 Freedom on the Net report, adding that falling prices and widening proliferation of cyberweapon technology mean that even local officials and police have access. “The relatively low cost of cyberattack tools has enabled not only central governments but also local government officials and law enforcement agencies to obtain and employ them against their perceived foes,” like human rights advocates or watchdogs seeking to expose corruption and abuse, the report warns. Freedom House says governments […]

The post Freedom House: Governments are turning cyberweapons on their own people appeared first on Cyberscoop.

Middle Eastern hacking group is using FinFisher malware to conduct international espionage

A well-funded, highly active group of Middle Eastern hackers was caught, yet again, using a lucrative zero-day exploit in the wild to break into computers and infect them with powerful spyware developed by an infamous cyberweapons dealer named Gamma Group. The incident, as described by security researchers with Moscow-based cybersecurity firm Kaspersky Lab, shines a rare light on the opaque although apparently vibrant market for software exploits and spyware, which in this case appears to have been purchased by a nation-state. The Middle Eastern hacker group in this case is codenamed “BlackOasis.” Kaspersky found the group was exploiting an Adobe Flash Player zero-day vulnerability (CVE-2016-4117) to remotely deliver the latest version of “FinSpy” malware, according to a new blog post published Monday. Adobe issued a fix Monday to its users in the form of a software update. FinSpy, a final-stage payload that allows for an attacker to covertly learn what a target is talking […]

The post Middle Eastern hacking group is using FinFisher malware to conduct international espionage appeared first on Cyberscoop.

CIA’s Pandemic Toolkit

WikiLeaks is still dumping CIA cyberweapons on the Internet. Its latest dump is something called "Pandemic": The Pandemic leak does not explain what the CIA’s initial infection vector is, but does describe it as a persistent implant. "As the name suggests, a single computer on a local network with shared drives that is infected with the ‘Pandemic’ implant will act…

Who Are the Shadow Brokers?

In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of NSA secrets. Since last summer, they’ve been dumping these secrets on the Internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them….