DAWN.COM Logo

Today's Paper | April 20, 2024

Israeli company linked to Middle East cyberattacks

AFP Published November 17, 2021
Israeli spyware company Candiru was blacklisted by the US government earlier this month. — AFP/File
Israeli spyware company Candiru was blacklisted by the US government earlier this month. — AFP/File

PARIS: Technology sold by Israeli spyware company Candiru appears to have been used for a campaign of cyberattacks targeting high-profile Middle Eastern websites, an analysis by cyber-security firm Eset said on Tuesday.

“We think it was a client of Candiru that carried out these attacks,” Eset investigator Matthieu Faou said.

Eset did not name the client, but pointed to an investigation by researchers at the University of Toronto that suggested in June that Saudi Arabia may have used similar techniques.

Based in Tel Aviv, Candiru sells sophisticated spyware to governments.

It was blacklisted by the US government earlier this month.

The offensive revealed by Eset used what are known as “watering hole” attacks, which add malicious code to legitimate websites that the targeted user is likely to visit.

Once the person visits the site, the code can then be used to infect their computer — potentially to spy on them or inflict harm in other ways.

The websites targeted in this campaign included UK-based news site Middle East Eye as well as Yemeni media outlets like Almasirah linked to the Houthi militants battling the Saudis, Eset said.

Another victim was thesaudireality.com, which Eset said was likely a dissident media outlet in Saudi Arabia.

Internet service providers in Yemen and Syria were also targeted along with the Iranian foreign ministry, Syria’s electricity ministry, and Yemen’s interior and finance ministries.

Other targets included sites run by the pro-Iranian group Hezbollah, Italian company Piaggio Aerospace and Denel, a state-owned South African aerospace and military technology conglomerate.

“The attackers also created a website mimicking a medical trade fair in Germany,” Eset noted in a press release, adding that the intrusions were recorded between July 2020 and August this year.

Candiru has earned comparisons with NSO, another Israeli company that was engulfed in scandal this year over accusations that governments used its Pegasus technology to spy on rights activists, politicians, journalists and business executives. The US government blacklisted NSO earlier this month, restricting exports from American firms.

Faou said the Candiru campaign did not appear to be aimed at mass data collection, specifically targeting a “very, very small” number of people.

Published in Dawn, November 17th, 2021

Read more

On DawnNews
Dawn News English
Comments (1) Closed
Dr. Salaria, Aamir Ahmad
Nov 17, 2021 03:41pm
Once a cheater, always a fraudster and trickster.
Recommend 0

Latest Stories

dawn images site

Most Popular

01
02
03
04
05
06
07
08
09

Must Read

Opinion

Editorial

X post facto
Updated 19 Apr, 2024

X post facto

Our decision-makers should realise the harm they are causing.
Insufficient inquiry
19 Apr, 2024

Insufficient inquiry

UNLESS the state is honest about the mistakes its functionaries have made, we will be doomed to repeat our follies....
Melting glaciers
19 Apr, 2024

Melting glaciers

AFTER several rain-related deaths in KP in recent days, the Provincial Disaster Management Authority has sprung into...
IMF’s projections
Updated 18 Apr, 2024

IMF’s projections

The problems are well-known and the country is aware of what is needed to stabilise the economy; the challenge is follow-through and implementation.
Hepatitis crisis
18 Apr, 2024

Hepatitis crisis

THE sheer scale of the crisis is staggering. A new WHO report flags Pakistan as the country with the highest number...
Never-ending suffering
18 Apr, 2024

Never-ending suffering

OVER the weekend, the world witnessed an intense spectacle when Iran launched its drone-and-missile barrage against...