Meta takes down spyware network run by Indian company CyberRoot Risk Advisory

Social media conglomerate Meta Inc said on Thursday that it had discovered and taken down a significant spyware and surveillance-for-hire network run by an Indian company, CyberRoot Risk Advisory.

During its investigations into threats present across its platforms, Meta said it had discovered that CyberRoot Risk Advisory had a network of more than 40 accounts on Facebook and Instagram, which it used to lure users from across the globe into phishing and to spy on them for its clients.

The firm was among the most active and persistent groups active online across platforms of Meta as well as other social media intermediaries, the company said.

CyberRoot’s method of operation was to create fake accounts tailored to gain the trust of users from across the globe.
“To appear more credible, these personas impersonated journalists, business executives and media personalities. In some cases, CyberRoot also created accounts that were nearly identical to accounts connected to their targets like their friends and family members, with only slightly changed usernames, likely in an attempt to trick people into engaging,” Meta said in its report.

The playbook used by CyberRoot was akin to another Indian surveillance-for-hire firm BellTroX, Meta said. The social media company had in 2021 detected and disbanded BellTrox’s accounts present across its platforms.

Discover the stories of your interest



“As part of their phishing campaigns, they spoofed domains of major email providers, video conferencing and file sharing tools, including Gmail, Zoom, Facebook, Dropbox, Yahoo, OneDrive and targets’ corporate email servers. These domains were used for stealing login credentials to the victims’ online accounts on these services,” Meta said in the report.

Responding to a question from ET, a Meta executive said the surveillance-for-hire industry had become much more commercialised over the last five years.

Companies like CyberRoot, which operate such spyware, often claim to have a legitimate side of the business where they sell these tools to law enforcement and other responsible agencies, the executive said.

The group targeted people around the world and would work in industries such as cosmetic surgery and law firms in Australia, Russian real-estate and investment companies, private equity firms and pharmaceutical companies in the United States, environmental and anti-corruption activists in Angola, gambling entities in the UK, and mining companies in New Zealand, Meta said in its report – ‘Threat Report on the Surveillance-for-Hire Industry’.

“They were focused on business executives, lawyers, doctors, activists, journalists and members of the clergy in countries like Kazakhstan, Djibouti, Saudi Arabia, South Africa and Iceland,” Meta said.

In total, between 2017 and November 2022, Meta said it had taken down 200 such networks originating from China, Russia, Israel, the United States and India that engaged in coordinated inauthentic behaviour, covert influence operations, cyber-espionage campaigns, spam and scam as well as surveillance-for-hire.

“Looking into 2023, we expect to see a rise in off-platform targeting attempts that compromise social media accounts. So, you should expect us to double down to address threats in a few areas, adding more on platform protection, educating people to help them avoid compromise and increasing support for people when they are locked out,” Meta’s chief information security officer Guy Rosen told a select group of journalists in a briefing late on Wednesday, Indian time.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.