Pegasus: Meta posted on its website, on Thursday (16), a serious cybersecurity warning: rental surveillance companies, officially contracted to protect governments and organizations against criminals and terrorists, are in fact “cyber mercenaries”. Therefore, the parent company of Facebook, Instagram and WhatsApp removed seven of these companies from their platforms and notified more than 50,000 victims of these illegal activities.
Signed by Director of Interruption and Threats, David Agranovich, and the conglomerate’s Head of Cyber Espionage Investigations, Mike Dvilyanski, the publication reveals that “pseudoguardians” distribute intrusive software and provide indiscriminate surveillance services, read espionage, so “democratic” to anyone who pays them for the service.
For investigators, the focus on the role of the NSO, the Israeli company behind the Pegasus spyware, which Meta sued last month, showed that the group is just “one piece of a global industry.” According to the publication, cybermercenaries have indiscriminate targets such as “journalists, dissidents, critics of authoritarian regimes, opposition families and human rights activists”.
Who are the companies expelled from Meta platforms?
The seven surveillance companies expelled by Meta are: Israeli Cobwebs Technologies, Cognyte, Black Cube and Bluehawk CI, all operating in the US, UK and Spain; BellTroX, headquartered in India; Cytrox from Northern Macedonia and an unknown group based in China.
According to Meta, this surveillance-for-hire industry operates in three phases of a chain: “reconnaissance”, in which companies gather information about their targets on the public internet and the dark web; “engagement”, in which operators relate and establish relationships; and “exploitation” or “for hire hacking”, where they get targets to provide information, through malware insertion or other type of action.