Meta Cracks Down on Spyware Vendors

Facebook’s parent company Meta said that it removed a number of spyware firms this year, including in China, Russia, Israel, the United States and India, which targeted people in almost 200 countries and territories.

Facebook Meta“This [surveillance-for-hire] industry exponentially increases the supply of threat actors by providing powerful surveillance capabilities to its clients against people who typically have no way of knowing they are being targeted,” Meta said. (Photo: Anthony Quintano, Flickr, License)The social media giant warned in a report that the spyware and surveillance-for-hire industry “indiscriminately” targeting journalists, activists, and political opposition has become a growing threat globally.

The spyware firms created fake accounts and used software tools to “scrape” user information from social media and compromise the devices and accounts of their victims, it said.

The threat report detailed how Meta barred a web of 130 Instagram and Facebook accounts linked to Israeli spyware developer Candiru, and another 250 accounts linked to Quadream, also a spyware vendor. Both firms were founded by former NSO Group employees, and used social media to test their “malicious capabilities” which would allow user information to be exfiltrated.

Back in 2019 Meta was among the first to call out the creator of the infamous Pegasus spyware, when it sued Israeli firm NSO Group for hacking into 1,400 WhatsApp users’ mobile devices - targeting journalists and human rights activists.

In another case, Meta removed 900 fake social media accounts operated by an unspecified Chinese firm, which pursued the information of “people in Myanmar, India, Taiwan, the United States, and China, including military personnel, pro-democracy activists, government employees, politicians and journalists.”

Some other companies targeted in Meta’s crackdown were Russia-based Avalanche, New York-based Social Links that was originally from Russia, and Israeli-based Cyber Globes.

“While spyware vendors often claim that their services and surveillanceware are intended to focus on criminals and terrorists, our threat research found they in fact regularly targeted journalists, political opposition and human rights activists around the world,” Meta’s report said.

“These companies are part of a sprawling industry that provides intrusive software tools and surveillance services indiscriminately to any customer — regardless of who they target or the human rights abuses they might enable,” it added.

The report also pointed out that this growing industry in a sense “democratizes” these threats by making them available to non-government and government groups alike, and increasing the “supply of threat actors in the world.”

“Given the global nature of this threat, no single company can tackle this alone,” Meta said, urging cooperation between industry peers, governments and civil society when it comes to surveillance threats.