Microsoft and technology human rights organization Citizen Lab said on Thursday that an Israeli firm marketed a tool to hack into Microsoft Windows, shining light on the increasing industry of identifying and selling methods to attack widely used software.
Candiru, a hacking tool provider, produced and sold a software vulnerability that can breach Windows, one of several intelligence products provided by a shadowy business that identifies weaknesses in popular software platforms for their clients. According to Citizen Lab, the hacking tool seller, Candiru produced and sold a software vulnerability that can enter Windows, one of several intelligence products provided by a hidden business that identifies weaknesses in common software platforms for its clients.
According to Citizen Lab and Microsoft reports, technical analysis by security researchers details how Candiru’s hacking tool spread worldwide to many unnamed clients, wherever it was applied to target many civil society organizations, including a Saudi dissident group a left-leaning Indonesian news outlet. “In general, Sourgum offers cyberweapons that allow its clients, often government agencies throughout the world, to hack into its targets’ computers, phones, network infrastructure, and internet-connected devices,” Microsoft stated in a blog post.
“These agencies then decide who to target and conduct the actual operations.” Candiru’s tools also exploited flaws in other popular software products, including Google’s Chrome browser. On Wednesday, Google published a blog post revealing two Chrome software vulnerabilities linked to Candiru discovered by Citizen Lab. Candiru was not mentioned by name in Google’s description, but it was described as a “commercial surveillance firm.”
Google fixed the two flaws early this year. According to computer security experts, cyber weapons merchants like Candiru frequently link numerous software vulnerabilities to develop mighty exploits that can consistently break into systems remotely without a target’s awareness.
According to sources acquainted with the cyber weapons business, such hidden systems cost millions of dollars and are sometimes given on a subscription basis, requiring clients to pay a supplier for continuous access regularly.
Prittle Prattle News has curated this article.
Also Read Global warming , weekend getaway
