America’s Microsoft Corporation and technology human rights group Citizen Lab say an Israeli group sold a tool to hack into Microsoft Windows, amid growing concerns that Israelis are deeply involved in the business of finding and selling tools to hack the widely-used software.
The hacking tool vendor, named Candiru, created and sold a software exploit that can penetrate Windows, one of several intelligence products sold by the growing Israeli secretive industry, said a report by Citizen Lab.
Security researchers have provided details howCandiru's hacking tool spread around the globe to a large number of unnamed customers, where it was then used to target various civil society organizations, the reports by Citizen Lab and Microsoft show, Reuters reported.
The evidence suggested that the exploit was deployed against users in numerous countries,including Iran, Lebanon, Spain and the United Kingdom, according to the Citizen Lab report.
"Candiru's growing presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse," Citizen Lab said in its report.
Microsoft did not directly name Candiru, instead described it as an "Israel-based private sector offensive actor" under the code name Sourgum.
"Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure,and internet-connected devices," Microsoft wrote in a blog post.
"These agencies then choose who to target and run the actual operations themselves,” the post added.
Candiru's tools were reportedly also used to exploit weaknesses in other common software products, such as Google's Chrome browser.