The victims – about half – were in Palestinian territory, and the rest in Israel, Lebanon, Yemen, Spain [In Catalonia], United Kingdom, Turkey, Armenia, and Singapore.
Taking advantage of vulnerabilities in Windows, hackers, operating in Saudi Arabia, Israel, Hungary, Indonesia, and other countries, purchased and installed remote spy software made by Candiru.
The “software” – known as “spyware” and collecting personal and web browsing information – has been used in “attacks on computers, phones, network infrastructure and devices connected to the Internet” said the General Manager, Microsoft Digital Security Unit, Cristin Goodwin.
Alerted by cybersecurity investigators at the Citizen Lab at the University of Toronto, Canada, Microsoft launched digital protection programs [‘patches’], on Tuesday, to correct the weaknesses of Windows.
According to a statement released today, to which Lusa had access, Microsoft does not mention Candiru and specifies that the “software” will come from the Sourgum company.
“We believe that Surgum is an offensive player in the Israeli private sector. Sourgum typically sells cyber weapons that allow its customers, often government agencies around the world, to gain entry into computers, phones, network infrastructure, and devices connected to the Internet,” the statement said.
According to Citizen Lab, the surveys have shed light on the cost of doing business in the “spyware” industry.
For $16 million, Candiru customers can compromise an unlimited number of devices but are limited to tracking 10 at a time, according to Citizen Lab. For an additional 1.5 million euros, buyers can watch over 15 victims.
Candiru has clients in Europe, Russia, the Middle East, Asia, and Latin America, according to the Israeli newspaper Haaretz.