At a glance.
- Meta kicks "cyber mercenaries" off its platforms.
- A curious case of virtual harassment.
Meta reacts to discovery of surveillance-for-hire operations.
While the world has been focused on the controversy surrounding NSO Group’s Pegasus spyware, a report from researchers at Citizen Lab and Meta has revealed that two Egyptians were hacked with Predator surveillance software, supplied by lesser-known mercenary spyware developer Cytrox. The victims’ devices were attacked this past June, infecting Apple’s 14.6 iOS operating system using single-click malicious links delivered via the WhatsApp messaging platform. It’s worth noting that the phone of one of the targets, exiled politician Ayman Nour and critic of the incumbent Egyptian president, was simultaneously hit with both Predator and Pegasus, operated by two different government clients. By analyzing Predator spyware servers, the researchers found likely Predator customers in Armenia, Egypt, Greece, Indonesia, Madagascar, Oman, Saudi Arabia, and Serbia. Cytrox is reportedly an arm of Intellexa, an EU-based and regulated NSO competitor.
In the wake of these findings, TechCrunch reports that Meta has responded by deleting more than 1,500 Facebook and Instagram accounts linked to Cytrox and six other surveillance-for-hire groups for allegedly engaging in a “surveillance chain” that resulted in sending malicious links to thousands of victims in over one hundred countries. Based out of China, Israel, India, and North Macedonia, the other outfits include Cobwebs Technologies, Cognyte, Black Cube, Bluehawk CI, BellTroX, and an unknown entity in China.
Meta is also seeking to crack down on groups involved in the preceding and equally treacherous steps of reconnaissance and engagement that lead to surveillance. "If we can collectively tackle this threat earlier in the surveillance chain, it would help stop the harm before it gets to its final, most serious stage of compromising people’s devices and accounts," Meta explains.
The Guardian adds that Meta has also contacted nearly 50,000 individuals who were targeted by the seven outfits; though not all were hacked, it is believed they were subjected to “malicious activity.” Meta states, “NSO is only one piece of a much broader global cyber mercenary industry. Today, as part of a separate effort, we are sharing our findings about seven entities that we removed from our platform for engaging in surveillance activity and we will continue to take action against others as we find them.”
Assault in the metaverse.
Meta was also in the news for an unfortunate incident on its virtual-reality social media platform, Horizon Worlds. Launched just last week, the platform allows avatars to gather, create, and hang out in virtual space. Technology Review reports that on November 26, a beta tester posted that she’d been the subject of virtual harassment, “groped” by a stranger while on the Horizon Worlds platform. Meta does provide a feature called Safe Zone, a protective bubble users can activate that will prevent other users from interacting with them if they feel unsafe, but Meta’s investigation into the incident revealed the beta tester unfortunately was not using it at the time. Horizon vice president Vivek Sharma states “That’s good feedback still for us because I want to make [the blocking feature] trivially easy and findable.”
The University of Washington’s Katherine Cross, a researcher who focuses on online harassment, points out that this is not the first incident of its kind, and often virtual harassment can feel just as genuine as its physical counterpart. “At the end of the day, the nature of virtual-reality spaces is such that it is designed to trick the user into thinking they are physically in a certain space, that their every bodily action is occurring in a 3D environment.”