7 hours ago by dogma1138
Microsoft didnât attributed it to an Israeli firm, Citizen Lab did.
Another article on this also showed pricing reported by Citizen Lab, $1.8 per 10 devices if this is true this market will be exploding unless it will be heavily regulated..
7 hours ago by dogleash
>Microsoft doesnât name Candiru but instead refers to an âIsrael-based private sector offensive actorâ it calls Sourgum.
https://blogs.microsoft.com/on-the-issues/2021/07/15/cyberwe...
>We believe Sourgum is an Israel-based private sector offensive actor or PSOA.
30 minutes ago by ManBlanket
I just want to point out Candiru is a fish that supposedly wriggles up someone's ding-dong when they pee in Amazonian rivers while swimming? I'm... gravely... skeptical that it ever actually happens, if I were to guess it's one of those, "I fell on it while getting dressed" situations that are occasionally explained to amused ER doctors. Maybe even one of those, "they put a chemical in the pool that makes the water turn purple when you pee." Whatever the deal with Candiru is, at some point someone suggested naming their spyware after the urethra fish. They might be making the world a worse place, but you can't say they don't have a sense of humor about it.
6 hours ago by dogma1138
> We believe Sourgum is an Israel-based private sector offensive actor or PSOA. Citizen Lab has identified the group as a company called Candiru. Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targetsâ computers, phones, network infrastructure and internet-connected devices.
an hour ago by dang
We've changed the title from "Israeli Firmâs Spyware Used Against Dissidents, Microsoft Says" as part of changing the URL from https://www.bloomberg.com/news/articles/2021-07-15/israeli-f... to the report it points to.
7 hours ago by undefined
6 hours ago by qwerty456127
As a society, we absolutely have to start actively developing software (OS in the first place) and hardware with privacy as a topmost priority. Using Windows and common Windows apps leaves bizarrely many tracks on the computer. Just take a look at one of the many resources on "computer forensics" and you'll see.
And I doubt this can be addressed without decreasing complexity.
6 hours ago by deregulateMed
I wonder if those supposedly secure Linux distros are actually secure.
Anything from MS, Google, and Apple cannot be trusted.
14 minutes ago by undefined
6 hours ago by 1cvmask
The other Israeli hacking company was NSO Group which was allegedly used in the killing of Khashoggi:
https://www.business-humanrights.org/en/latest-news/nso-grou...
an hour ago by srean
Also for targeting activists in India to arrest them on trumped charges and planted evidence on the Bhima Koregaon case. All of them are being held without trial -- a norm of sorts for the current Indian government
The held include activists, reputed professors from IIT.
https://citizenlab.ca/?s=koregaon
https://www.washingtonpost.com/world/2021/04/20/india-bhima-... (paywalled)
https://www.washingtonpost.com/world/2021/07/06/bhima-korega... (paywalled)
https://www.washingtonpost.com/context/new-forensics-report-... (downloadable report)
6 hours ago by afrcnc
Can we submit non-paywalled links. Like the actual source: https://citizenlab.ca/2021/07/hooking-candiru-another-mercen...
6 hours ago by hkon
I am curious as to how exactly the spyware got on the victims computers. In the Microsoft blog, they mention a chain of exploits. But it could be interesting to understand how they are able to target an individual system with such precision.
3 hours ago by weeweww32
oy vey
5 hours ago by tgragnato
Funny thing is that they used zcombinator[.]co for one of their C2
6 hours ago by colinprince
Let's link to a non-paywalled article: https://citizenlab.ca/2021/07/hooking-candiru-another-mercen...
(instead of: https://www.bloomberg.com/news/articles/2021-07-15/israeli-f... )
an hour ago by dang
Changed.
Daily digest email
Get a daily email with the the top stories from Hacker News. No spam, unsubscribe at any time.