Meta Platforms has disclosed a comprehensive set of measures aimed at curtailing the activities of eight companies operating within the surveillance industry across Italy, Spain, and the United Arab Emirates. These actions were detailed in Meta's Adversarial Threat Report for the fourth quarter of 2023 and were specifically designed to address the proliferation of spyware targeting devices running iOS, Android, and Windows operating systems. The spyware identified by Meta possessed a wide range of capabilities, including the collection of device information, location data, photos, media files, contacts, calendar entries, emails, SMS messages, and data from various social media and messaging applications. Additionally, the spyware could enable intrusive functionalities such as accessing the microphone, and camera and capturing screenshots without the user's consent.

Among the companies implicated in these activities were Cy4Gate/ELT Group, RCS Labs, IPS Intelligence, Variston IT, TrueL IT, Protect Electronic Systems, Negg Group, and Mollitiam Industries. Meta's investigation also revealed that these companies engaged in other nefarious activities, including scraping, social engineering, and phishing, targeting a wide array of popular platforms such as Facebook, Instagram, X (formerly Twitter), YouTube, Skype, GitHub, Reddit, Google, LinkedIn, Quora, Tumblr, VK, Flickr, TikTok, SnapChat, Gettr, Viber, Twitch, and Telegram.

For instance, RCS Labs utilized a network of fictitious personas to deceive users into divulging personal information, while Variston IT employed Facebook and Instagram accounts for the development and testing of exploits, including the dissemination of malicious links. Meta's efforts to combat these threats extended beyond surveillance activities, encompassing coordinated inauthentic behavior (CIB) targeting users on its platforms. These efforts included the removal of over 2,000 accounts, Pages, and Groups originating from China, Myanmar, and Ukraine, which sought to manipulate public discourse and influence political narratives.

To enhance the security of its platforms and protect users from such threats, Meta introduced new features and technologies, including Control Flow Integrity (CFI) for Messenger on Android and VoIP memory isolation for WhatsApp. However, despite these proactive measures, the landscape of surveillance threats continues to evolve, with new methods and tools continually emerging.

Recent discoveries, such as Patternz, a surveillance tool leveraging real-time bidding advertising data, and the MMS Fingerprint attack allegedly utilized by the NSO Group, underscore the persistent challenges in combating surveillance threats. Patternz, for example, utilizes advertising data from popular apps like 9gag, Truecaller, and Kik to track mobile devices in real-time, while the MMS Fingerprint attack exploits vulnerabilities in the Multimedia Messaging Service (MMS) protocol to target mobile networks.

These developments highlight the ongoing need for vigilance and innovation in cybersecurity measures, as well as the importance of collaboration between government agencies, tech companies, and civil society organizations to address the evolving threat landscape effectively.

Source: https://thehackernews.com/2024/02/meta-warns-of-8-spyware-firms-targeting.html