Meta Alerts Against 8 Spyware Companies Targeting iOS, Android, and Windows Platforms
Meta Platforms has announced measures taken to combat malicious activities conducted by eight firms from Italy, Spain, and the United Arab Emirates (U.A.E.) involved in the surveillance-for-hire sector. These actions, outlined in its Adversarial Threat Report for Q4 2023, targeted iOS, Android, and Windows devices.
The spyware deployed by these companies possessed diverse capabilities, including collecting device information, accessing location data, photos, media, contacts, calendar, email, SMS, social media, messaging apps, and enabling microphone, camera, and screenshot functionalities.
The implicated companies are Cy4Gate/ELT Group, RCS Labs, IPS Intelligence, Variston IT, TrueL IT, Protect Electronic Systems, Negg Group, and Mollitiam Industries. Meta disclosed that these entities also engaged in scraping, social engineering, and phishing across various platforms such as Facebook, Instagram, X (formerly Twitter), YouTube, Skype, GitHub, Reddit, Google, LinkedIn, Quora, Tumblr, VK, Flickr, TikTok, SnapChat, Gettr, Viber, Twitch, and Telegram.
Specifically, Meta revealed that a network of fictitious personas associated with RCS Labs, owned by Cy4Gate, deceived users into providing personal information. Facebook and Instagram accounts linked to Variston IT were removed for their involvement in exploit development and testing.
Furthermore, Meta identified accounts used by Negg Group and Mollitiam Industries for spyware testing and data collection service advertisement, respectively. The social media giant also took action against coordinated inauthentic behavior (CIB) networks from China, Myanmar, and Ukraine, removing over 2,000 accounts, Pages, and Groups from Facebook and Instagram.
领英推荐
The Chinese network targeted U.S. audiences with content criticizing U.S. foreign policy, while the Myanmar network focused on its own residents with articles praising the Burmese army. The third network supported Ukrainian politician Viktor Razvadovskyi and shared content related to the government and opposition in Kazakhstan.
In response to these threats, Meta introduced new features, such as Control Flow Integrity (CFI) on Messenger for Android and VoIP memory isolation for WhatsApp, aiming to enhance security and reduce the vulnerability of its platforms to exploitation. Additionally, Meta, along with other government and tech entities, has committed to curbing the misuse of commercial spyware for human rights abuses.
For Further Reference