Research from a cybersecurity company indicates that Candiru hacked journalists throughout the Middle East.
By: Lauren Marcus
An Israeli spyware company has reportedly leveraged a now-fixed vulnerability in the Google Chrome internet browser to target Middle Eastern journalists and gain access to their data and the contents of their devices, according to a World Israel News report.
Tel Aviv-based Candiru, also known as SAITO Tech, uses proprietary technology to engage in cyberespionage. As recently as 2021, Candiru was officially sanctioned alongside another Israeli spyware firm, the NSO Group, by the U.S. Department of Commerce.
Candiru was blacklisted “based on a determination that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers,” according to a statement on the Department of Commerce’s website.
But despite the public rebuke, Candiru appears to have continued its activities, reportedly acting as a hacking-for-hire firm on behalf of various governments.
Cybersecurity company Avast released a report last week, which they said linked Candiru to a number of cyber spying incidents targeting journalists throughout the Middle East.
The alleged victims of the hacking were located in Lebanon, Turkey, and Yemen, as well as in Palestinian Authority-controlled cities.
“We can’t say for sure what the attackers might have been after, however often the reason why attackers go after journalists is to spy on them and the stories they’re working on directly, or to get to their sources and gather compromising information and sensitive data they shared with the press,” said Jan Vojtěšek, a researcher at Avast, in a statement on the company’s website.
“We believe the attacks were highly targeted.”
According to a TechCrunch report, Candiru successfully retrieved some 50 data points from a victim’s browser, including its time zone, language, device type, language, screen information, device memory, and browser plugins.
It’s unclear who or what entities obtained Candiru’s services for the spying attacks.
In other Israel related news, JNS reported that on Sunday afternoon, Ben Shapiro, the editor emeritus of The Daily Wire, ascended to the Temple Mount in Jerusalem to pray with his parents and a group of followers.
Shapiro’s first visit to the Temple Mount was during the holiday of Sukkot back in October 2019. That visit was cut short after someone in his group was found to be carrying a willow branch in his pocket as a mitzvah for the last day of Sukkot, leading to the group’s removal from the holy site.
While waiting for security to clear the group to enter the complex this time around, Shapiro told JNS that he hoped to be permitted to complete the tour this time.
“Hopefully, we actually make it all the way around the outside of the compound this time,” he said. “I wish we could all daven (‘pray’) openly there—the freest thing to do. The only place where Israel is an apartheid state is only on Har HaBayit [the Temple Mount]. That’s the only place.”
Shapiro’s group was escorted by five Israeli police officers with one Jordanian Waqf guard watching at a distance.
While on the complex, Shapiro and his group recited afternoon prayers, and his father said Kaddish for his grandmother, who passed away less than a year ago. During prayers, the group was repeatedly interrupted by Israeli police, who rushed them through their visit.
(WorldIsraelNews.com & JNS.org)
