Israeli Company Uses Fake BLM and Women’s Studies Websites to Hack People’s Devices

Jews will never really align with any right-winger in any meaningful sense. We witnessed the number of kosher knives buried in Donald Trump’s back, despite the fact that he did all that stuff for Israel.

However, it isn’t just right-wingers that Jews will stab in the back.

The Guardian:

An Israeli company that sells spyware to governments is linked to fake Black Lives Matter and Amnesty International websites that are used to hack targets, according to a new report.

Researchers from the Citizen Lab at the University of Toronto, who worked with Microsoft, issued a report on Thursday about the potential targets of Candiru, a Tel Aviv-based firm marketing “untraceable” spyware that can infect and monitor computers and phones.

One way the company’s spyware allegedly infects targets is through web domains, and the researchers found that the firm’s software was associated with URLs masquerading as NGOs, women’s rights advocates, activist groups, health organizations and news media. Citizen Lab’s research uncovered websites tied to Candiru with domain names such as “Amnesty Reports”, “Refugee International”, “Woman Studies”, “Euro News” and “CNN 24-7”.

The researchers have not identified specific targets of the websites impersonating human rights groups, and have not confirmed the involvement of any specific government clients. Microsoft said it appeared that Candiru sells the spyware that enables the hacks, and that the governments generally choose who to target and run the operations themselves.

The findings suggest that a secretive and little-known company with a wide global reach could be helping governments hack and monitor people in civil society. The report comes amid growing concerns about surveillance technologies that can aid human rights abuses and law enforcement monitoring and crackdowns on Black Lives Matter and related activist groups.

Microsoft’s threat intelligence center, which tracks security threats and cyberweapons, conducted its own analysis and said it found at least 100 targets of malware linked to Candiru, including politicians, human rights activists, journalists, academics, embassy workers and political dissidents.

Here’s Microsoft’s blog post.

There are no legitimate reasons for intelligence firms or their government customers to create websites that impersonate high-profile activist groups and not-for-profit organizations, said Bill Marczak, a co-author of the report, in an interview.

Activists who are targeted may click on links that appear to be from trusted sources and then be taken to a site with innocuous content or redirected elsewhere, he explained. “But this website, which was specially registered for the purpose of exploiting their computer, would run code in the background that would silently hijack control of their computer,” he said.

The malware could enable “persistent access to essentially everything on the computer” potentially allowing governments to steal passwords and documents or turn on a microphone to spy on a victim’s surroundings.

“The user wouldn’t recognize anything was amiss,” said Marczak, a senior research fellow with the Citizen Lab, which has scrutinized British, German and Italian spyware firms, and previously exposed the activities of NSO Group, another Israeli company that allegedly enabled government hacking of journalists and activists.

Citizen Lab said it was able to identify a computer that had been hacked by Candiru’s malware, and then used that hard drive to extract a copy of the firm’s Windows spyware. The owner of the computer was a “politically active” individual in western Europe, the report said.

The team also identified more than 750 domain names that appeared to be linked to Candiru and its customers. In addition to the sites masquerading as not-for-profits, the researchers found URLs that appeared to impersonate a left-leaning Indonesian publication; a site that publishes Israeli court indictments of Palestinian prisoners; a website critical of Saudi Arabia’s crown prince, Mohammed bin Salman; and a site that appeared to be associated with the World Health Organization.

So, I wonder: do you think they’re doing this with right-wing sites as well?

You should be careful with your web browsing.

Windows is a disaster in general. But obviously, we have a high gamer population in our readership, so I wouldn’t realistically expect you to buy Macs (Mac has better software, but the bigger issue is that it is such a small percentage of the total computer user base that it is not efficient to design viruses for it). Based on the donations (plz donate), I have to assume you’re all broke NEETs who couldn’t afford two computers. You can of course dual-boot Linux on a Windows computer, but it’s not really reasonable to switch back and forth between operating systems, and dual-boots are kind of a nightmare.

The number one very easy thing you can do is use Brave Browser. This automatically blocks any suspicious scripts, and will also allow you to manually block all scripts.

In the longer term: hopefully the Linux-based SteamOS works, and allows you to just run games on Linux. The new Steam Deck handheld computer is running SteamOS, and they’re making out like it can play all Steam games.

No one knows yet if this Switch clone is burying the lede of the announcement of total game compatibility for Linux.

Of course, SteamOS is open source, so even if you don’t use Steam, you would still be able to install the operating system and get games to work. Steam’s website announcing the Deck also says that you can install Epic Games on it, and implies it will play all their games too.

Full game compatibility on Linux would be a real game changer for NEET security.