The number of companies developing spyware and providing spying services to government agencies and attackers around the world is increasing, and what's worse is that business is good for all of them.
This is according to a new report from Google, which highlights growing concerns about commercially developed spyware.
Google currently tracks approximately 40 commercial surveillance vendors (CSV), according to its latest Buying Spy report. Some are more popular than others, but all play an important role in the development of spyware. One of their bigger roles is finding zero-day vulnerabilities. In fact, Google claims that his CSV is responsible for half of the known zero-day exploits targeting Google products and the Android ecosystem.
Commercial spyware companies have been making headlines in recent weeks, largely due to exploits by NSO Group. The Israel-based startup has developed a tool called Pegasus, which it claims is designed to help governments around the world protect themselves from terrorist attacks and similar threats. Instead, it was discovered that Pegasus was being used against government officials in the UK and EU, and many cybersecurity researchers and privacy advocates believe that Pegasus was used against government opponents, journalists, intellectuals, and dissidents. He warns that it will be used against the sect. This led the US, for example, to blacklist her NSO group.
Furthermore, the demand for “turnkey spy solutions” is also increasing. CSV not only exploits zero-days to evade cybersecurity solutions and antivirus programs, but also bundles paid packages that include spyware and the necessary infrastructure to collect and steal sensitive information from targets. Offers.
Among the CSVs are companies working on finding vulnerabilities, companies working on selling exploits, companies building spyware solutions, and finally, buying these bundles to move this industry forward. This includes government customers.
“CSV is spreading hacking and spyware capabilities, making the internet less secure for everyone. That is why they share information with vendors and publicly disclose information about the operations they disrupted,” Google researchers concluded.