Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware


A set of unique spyware strains created by an Israeli firm and allegedly used by governments around the world to surveil dissidents has been defanged by Microsoft, the software giant said.

The private company, called variously Candiru, Grindavik, Saito Tech and Taveta (and dubbed “Sourgum” by Microsoft), reportedly sells its wares exclusively to governments, according to Citizen Lab, which first analyzed the malware and flagged it for Microsoft. The code, collectively known as “DevilsTongue,” has been used in highly targeted cyberattacks against civil society, according to an advisory issued Thursday – making use of a pair of zero-day vulnerabilities in Windows (now patched).

Read more…
Source: ThreatPost

Related story: Pegasus project: spyware leak suggests lawyers and activists at risk across globe