Meta, a Facebook parent, banned a series of « online mercenary » groups, and began alerting about 50,000 people likely to be targeted by companies accused of spying on activists, dissidents and journalists around the world.
Meta has shut down 1,500 Facebook and Instagram pages linked to groups with services that allegedly range from collecting public information online to using fake personas to build trust with targets or digital intrusion via hack attacks.
The social media giant has also begun warning about 50,000 people it believes may have been targeted in more than 100 countries by companies that include many in Israel, a major player in the electronic surveillance industry.
« The watch-for-hire industry … looks like indiscriminate targeting on behalf of who pays the most, » Nathaniel Glaisher, Meta’s head of security policy, said at a press conference.
The Facebook parent said it had deleted accounts linked to Cobwebs Technologies, Cognyte, Black Cube and Bluehawk CI — all of which were based or incorporated in Israel.
India-based BellTroX, North Macedonian Cytrox and an anonymous entity in China have also seen accounts linked to them removed from Meta platforms.
« These cyber-mercenaries often claim that their services are aimed only at criminals and terrorists, » Meta’s statement said. « We banned them from our services. »
« The targeting is in fact indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opposition members, and human rights activists, » she added.
In a statement to AFP, Black Cube denied any wrongdoing or even working in the « internet world ».
« Black Cube works with the world’s leading law firms to prove bribery, expose corruption, and recover hundreds of millions of stolen assets, » she said, adding that the firm ensures it complies with local laws.
Chinese operation without a name
Companies selling Web Intelligence Services begin the monitoring process by gathering information from publicly available online sources such as news reports and Wikipedia.
Meta investigators said internet mercenaries then create fake social media accounts to collect information from people’s profiles and even join groups or chats to learn more.
Another tactic is to gain the target’s trust in a social network and then trick the person into clicking on a link or a booby-trapped file to install software that can then steal information from whatever device they use to connect to the Internet.
No news is bad news
for you contributions You’ll help us keep delivering the stories that matter to you
Support us now
With this type of access, a mercenary can steal data from a target’s phone or computer, as well as activate microphones and cameras and silently track geolocation, according to the Meta team.
The Meta report said that Bluehawk, one of the companies targeted, sells a wide range of monitoring activities, including managing fake accounts to install malicious code.
Meta reported that some fake accounts linked to Bluehawk spread as journalists from media outlets such as Fox News in the US and La Stampa in Italy.
While Meta was unable to determine who was running the unnamed Chinese operation, it did trace the « command and control » of a monitoring tool embedded in servers that Chinese law enforcement officials appear to be using.
“In some cases, we found the malware framework for this group deployed alongside facial recognition software developed by a Beijing-based company,” the Meta report said.
« Spécialiste de la télévision sans vergogne. Pionnier des zombies inconditionnels. Résolveur de problèmes d’une humilité exaspérante. »