Meta (formerly Facebook) on Friday said it has disabled seven 'surveillance-for-hire' entities — including one from India -- which targeted 50,000 individuals, such as politicians, election officials, human rights activists, and celebrities in over 100 countries on behalf of their clients.
The company’s fight with the spy firms comes amid a wider move by American tech companies, US lawmakers, and President Joe Biden’s administration against purveyors of digital espionage services, notably the Israeli spyware company NSO Group, which was blacklisted earlier this month following weeks of revelations about how its technology was being deployed against civil society.
Surveillance-for-hire companies target people to collect intelligence, manipulate and compromise their devices and accounts across the internet.
These surveillance providers are based in China, Israel, India, and North Macedonia. The seven entities are BellTroX (India), Cytrox (North Macedonia), Cobwebs Technologies, Cognyte, Black Cube, and Bluehawk CI (Israel), and an unknown entity in China.
The social media giant is sending alerts to almost 50,000 people who it believes were targeted by one or more of these entities.
Nathaniel Gleicher, Meta's head of security policy, told Reuters that the crackdown was meant to signal that "the surveillance-for-hire industry is much broader than one company."
Meta's 'Threat Report on the Surveillance-for-Hire Industry' said it was suspending roughly 1,500, mostly fake accounts run by seven organisations across Facebook, Instagram and WhatsApp.
Meta did not provide a detailed explanation of how it identified the surveillance firms but it operates some of the world's biggest social and communications networks and regularly touts its ability to find and remove malicious actors from its platforms.
Among them is Israel's Black Cube, which became notorious for deploying its spies on behalf of Hollywood rapist Harvey Weinstein. Meta said the intelligence firm was deploying phantom personas to chat its targets up online and gather their emails, "likely for later phishing attacks.
"In a statement, Black Cube said it "does not undertake any phishing or hacking" and said the firm routinely ensured "all our agents' activities are fully compliant with local laws."
BellTroX founder Sumit Gupta did not Reuters reporters' messages since his firm was exposed last year. He had previously denied wrongdoing.
The report said Meta had removed about 400 Facebook accounts, the vast majority of which were inactive for years, linked to BellTroX and used for reconnaissance, social engineering and to send malicious links.
BellTroX is based in India and sells what's known as "hacking for hire" services, which were reported previously as well. Its activity on Meta's platform was limited and sporadic between 2013 to 2019, after which it paused.
Cognyte, Verint and Bluehawk did not immediately return messages seeking comment.
In 2019, WhatsApp (part of Meta) had sued NSO Group -- which had developed a software called Pegasus, that was allegedly used to conduct cyberespionage on journalists, human rights activists and others.
To read the full story, Subscribe Now at just Rs 249 a month