An Israeli company specialized in selling to governments around the world software espionage created a malicious code that attacks the Windows operating system and was used in Spain, specifically in Catalonia, as well as in other countries, as reported by Microsoft in an entry on its cybersecurity blog. The technology explained that this malicious code (malware) was used against more than 100 victims around the world, including politicians, human rights activists, journalists, academics, embassy workers and political dissidents.
From Microsoft they clarified that the fact that there are victims of this software Spying in a specific country “does not necessarily mean that an agency in that same country” is a client of the Israeli company, since attacks originating in third countries are common.
Of the more than 100 victims, approximately half were in Palestinian Authority territory and the rest in Israel, Iran, Lebanon, Yemen, Spain (specifically in Catalonia), the United Kingdom, Turkey, Armenia and Singapore. Microsoft did not offer more details about the identity or nature of the Catalan victims or the rest of the places.
The Israeli company that manufactures and sells this software malicious is called Candiru, according to an investigation by the Citizen Lab of the University of Toronto (Canada). It was the work of this center that alerted Microsoft, with whom they maintain a close collaboration, of the existence of this threat. “Candiru is a low-key Israel-based company that sells software it spies exclusively on governments ”. Their tool is used to “infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts,” Citizen Lab explained on their blog.
According to Microsoft, these types of companies sell “bundles” of software malicious to government agencies around the world so that they can gain access without permission to computers, telephones, network infrastructures and other devices of citizens.
The company that created the Windows operating system this week launched a series of digital protections against it. malware designed to prevent it from acting on computers that have already been infected and to prevent new devices from being infected.
“Microsoft has created protections in its products against this malware unique, which we call DevilsTongue “, says the company in a statement. “We have shared these protections with the community so that we can collectively address and mitigate this threat,” says the technology company, which has also launched a Windows update to protect its customers from this software malicious. According to Microsoft, DevilsTongue was able to infiltrate popular websites such as Facebook, Twitter, Gmail, Yahoo, and others to collect information, read victims’ messages, and retrieve photos.