Hackers for hire spy on 50,000 people in 100 countries, according to Meta Platforms
Meta Platforms Inc said Thursday that its platforms have been used by seven surveillance companies based in China, Israel, India and North Macedonia to spy on or track up to 50,000 people in 100 countries. The internal investigation – which began earlier this year – focused on seven different entities from those four countries, including BellTrox, an India-based hacker.
Although Meta did not provide details on the number of people targeted in which country, most were journalists, dissidents, critics of authoritarian regimes, families of opposition members, human rights activists, lawyers, doctors and even members of the clergy, he said.
He said: “BellTroX was exploiting fake accounts to impersonate a politician and pose as journalists and environmental activists with the aim of making social engineering its targets for soliciting information, including their email addresses. -mail, possibly for phishing attacks at a later stage. Her activity on our platform was limited and sporadic between 2013 and 2019, after which she took a break. “
Meta added that it has deactivated accounts linked to those companies and served them with a cease and desist notice, while sharing details of the internal findings with security researchers, other platforms and policymakers.
Nathaniel Gleicher, Head of Security Policy at Meta, said: “It’s a shadow industry of companies that operate around the world and provide, who will hire them, tools and techniques, to surreptitiously target people. innocent so that they can spy, monitor, understand who their friends are, what they could do with their time. This industry is larger than anyone can imagine.
The internal report details that these seven companies targeted people in one of three ways: recognition, engagement and exploitation. At first, targets were silently profiled by these “cyber-mercenaries” often using software to collect publicly available data on the Internet.
“They generally collect and store data from public websites such as blogs, social media, knowledge management platforms like Wikipedia and Wikidata, news media, forums and dark websites,” the report says. .
The next step in the chain of custody is engagement, aimed at establishing contact either with the target or their loved ones in order to build trust, which is then harnessed in the third phase.
“Tool sophistication varies widely in this industry, from commercial malware easily detected by most antivirus software to one-click or even no-click exploit links sent to targets. “