An Israeli group sold a tool to hack into Microsoft Windows, Microsoft and other technology according to human rights group Citizen Lab, shedding light on the growing business of finding and selling tools to hack widely used software.
The hacking tool vendor, named Candiru, created and sold a software exploit that can penetrate Windows, one of many intelligence products sold by a secretive industry that finds flaws in common software platforms for their clients, said a report by Citizen Lab.
Technical analysis by security researchers details how Candiru’s hacking tool spread around the globe to numerous unnamed customers, where it was then used to target various civil society organisations, including a Saudi dissident group and a left-leaning Indonesian news outlet, the reports by Citizen Lab and Microsoft show.
Attempts to reach Candiru for comment were unsuccessful.
Evidence of the exploit recovered by Microsoft Corp suggested it was deployed against users in several countries, including Iran, Lebanon, Spain and the United Kingdom, according to the Citizen Lab report.
“Candiru’s growing presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse,” Citizen Lab said in its report.