°®Âþµº

Israeli spyware Candiru exploited Google Chrome flaw to snoop on MENA journalists: report

Spyware from Israeli firm Candiru has reportedly been used to exploit a Google Chrome flaw and target journalists across the Middle East
2 min read
25 July, 2022
Israeli spyware company Candiru, has reportedly been used to spy on journalists in the MENA region [Getty]

from Israeli firm Candiru has been used to target ²¹³¦°ù´Ç²õ²õÌý, according to reports.

The Candiru spyware was reportedly used to take advantage of the Chrome zero-day vulnerabilityÌýin March of this year, to target journalists and other victims from Lebanon, Palestine, Turkey and Yemen,Ìýaccording to the Czech antivirus and cyber security company Avast.

Avast that it had "recently" detected use of Candiru and thus identified a flaw in the Google browser.

Avast communicated the flaw on 1 July to , who fixed it three days later.

Avast said the Chrome browser vulnerability was found to be linked to Candiru, which offers and cyberespionage technology to .

The attacker planted theÌýChrome zero-day exploitÌýon an unidentifiedÌý news agency website to collect 50 data points from the target’s browser, which includes time zone, language, and device type, among others.

Candiru is also said to be capable of illegally retrieving messages, phone logs and photographs from devices belonging to victims it seeks to target, according to hackread.

MENA
Live Story

Avast researcherÌýJan Vojtěšek said it was "unclear" why the spyware was used to target journalists in the Middle East, but asserted that the Candiru’s objective was to spy and collect sensitive date from them.

Vojtěšek condemned use of the spyware for its "blatant violation" of press freedom and freedom of speech.

Candiru - which is also known as Saito Tech - is not the only to have been used to tap into unsuspecting victims' phones.

NSO Group has been embroiled in controversy since investigations by journalists and human rights groups found thatÌýseveral Ìý- including some Europe and the MENA region - were using itsÌýÌýto keep track of dissidents, activists and politicians, among others.

Avast said Candiru was usedÌýin a similar fashion, to target individuals including regime and government critics.

Like NSO Group, Candiru has also sanctioned by WashingtonÌýfor its "anti-US" activities, according to hackread.

Ìý