Meta bans array of 'cyber mercenary' groups, warns 50,000 people that were targeted

WION Web Team

San Francisco, United StatesUpdated: Dec 17, 2021, 03:18 PM IST

The Sharp Boys have never mentioned or made any requests for ransom in any of their attacks. It's unclear whether the attacks had a nationalist agenda. Photograph:(Others)

Story highlights

Furthermore, Facebook is warning about 50,000 users in more than 100 countries who may have been targeted by firms including several from Israel, a leading player in the cyber surveillance business

Meta, the parent company of Facebook, banned an array of "cyber mercenary" groups on Thursday, alerting 50,000 users who may have been targeted by firms that spy on activists, dissidents, and journalists.

Meta shut down 1,500 Facebook and Instagram webpages linked to groups with services ranging from snooping up public information online to building trust with targets with fake personas to performing digital snooping via hacking attacks.

Also read | Fretting about data security, Chinese government expands its use of 'golden shares'

Furthermore, Facebook is warning about 50,000 users in more than 100 countries who may have been targeted by firms including several from Israel, a leading player in the cyber surveillance business.

"The surveillance-for-hire industry... looks like indiscriminate targeting on behalf of the highest bidder," Nathaniel Gleicher, head of security policy at Meta, told a press briefing.

Facebook said it removed accounts from Cobwebs Technologies, Cognyte, Black Cube and Bluehawk CI -- all of which are based or founded in Israel.

BellTroX, a company based in India, Cytrox based in Macedonia, and another entity with an unidentified location in China also had their Meta accounts removed.

Researchers at Canadian cybersecurity organisation Citizen Lab also accused Cytrox of developing and selling spyware used to hack Egyptian opposition figure Ayman Nour's phone.

Also read | This is how Huawei is associated with China’s state surveillance

"These cyber mercenaries often claim that their services only target criminals and terrorists," said a Meta statement.

"Targeting is in fact indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opposition members and human rights activists," it added. "We have banned them from our services."

In most cases, the companies selling "web intelligence services" gather information from publicly available online sources, such as news reports and Wikipedia, before beginning the surveillance process.

Cyber mercenaries then created fake accounts on social media sites to gather info about users, Meta investigators said, joining groups and conversations to get further details.

A third tactic is to gain a target's trust on a social network and then trick the person into clicking a booby-trapped link or file that installs software that can then steal information from their devices.

Watch | Meta crackdown on spy firms: 1,500 accounts suspended

This kind of access allows mercenaries to steal data from a target's phone or computer. In addition, they can silently activate microphones, cameras, and tracking systems.

While Meta was not being able to pinpoint who ran the Chinese operation, it tracked "command and control" of the surveillance tool to servers that appeared to be used by law enforcement officials in China.

(With inputs from agencies)