Saudi Press

Saudi Arabia and the world
Monday, Jul 21, 2025

Spyware campaign targeted journalists, activists: researchers

Spyware campaign targeted journalists, activists: researchers

A spyware campaign using tools from a secretive Israeli firm was used to attack and impersonate dozens of human rights activists, journalists, dissidents, politicians and others, researchers said Thursday.
Statements from Microsoft security researchers and the University of Toronto's Citizen Lab said powerful "cyberweapons" were being used in precision attacks targeting more than 100 victims around the world.

Microsoft said it patched this week the vulnerability exploited by the group, known by the names Candiru and Sourgum.

Citizen Lab said in a blog post that "Candiru is a secretive Israel-based company that sells spyware exclusively to governments," which can then use it to "infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts."

"We found many domains masquerading as advocacy organizations such as Amnesty International, the Black Lives Matter movement, as well as media companies, and other civil-society themed entities," Citizen Lab said.

Microsoft observed at least 100 victims in the Palestinian territories, Israel, Iran, Lebanon, Yemen, Spain, Britain, Turkey, Armenia and Singapore.

The US tech firm said it moved to thwart the attacks with Windows software updates that prevent Candiru from delivering its malware.

"Microsoft has created and built protections into our products against this unique malware, which we are calling DevilsTongue," a Microsoft statement said.

"We have shared these protections with the security community so that we can collectively address and mitigate this threat."

According to Microsoft, DevilsTongue was able to infiltrate popular websites such as Facebook, Twitter, Gmail, Yahoo and others to collect information, read the victim's messages and retrieve photos.

"DevilsTongue can also send messages as the victim on some of these websites, appearing to any recipient that the victim had sent these messages," said the statement from Microsoft Threat Intelligence Center.

"The capability to send messages could be weaponized to send malicious links to more victims."

Citizen Lab researchers found evidence the spyware can exfiltrate private data from a number of apps and accounts, including Gmail, Skype, Telegram and Facebook.

It can also capture browsing history and passwords, as well as turn on the target's webcam and microphone, according to the findings.

Citizen Lab said the Israeli firm's current name is Saito Tech Ltd, and that it has some of the same investors and principals as NSO Group, another Israeli firm under scrutiny for surveillance software.
Newsletter

Related Articles

Saudi Press
0:00
0:00
Close
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
"Can You Hit Moscow?" Trump Asked Zelensky To Make Putin "Feel The Pain"
Nvidia Becomes World’s First Four‑Trillion‑Dollar Company Amid AI Boom
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
Kurdistan Workers Party Takes Symbolic Step Towards Peace in Northern Iraq
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
AI Raises Alarms Over Long-Term Job Security
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Russia Formally Recognizes Taliban Government in Afghanistan
Mediators Edge Closer to Israel-Hamas Ceasefire Agreement
Emirates Airline Expands Market Share with New $20 Million Campaign
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
Amazon Reaches Major Automation Milestone with Over One Million Robots
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
China Unveils Miniature Insect-Like Surveillance Drone
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Iran Executes Alleged Israeli Spies and Arrests Hundreds Amid Post-War Crackdown
Trump Asserts Readiness for Further Strikes on Iran Amid Nuclear Tensions
Iran's Parliament Votes to Suspend Cooperation with Nuclear Watchdog
Trump Announces Upcoming US-Iran Meeting Amid Controversial Airstrikes
Trump Moves to Reshape Middle East Following Israel-Iran Conflict
NATO Leaders Endorse Plan for Increased Defence Spending
U.S. Crude Oil Prices Drop Below $65 Amid Market Volatility
Explosions Rock Doha as Iranian Missiles Target Qatar
“You Have 12 Hours to Flee”: Israeli Threat Campaign Targets Surviving Iranian Officials
Oman Set to Introduce Personal Income Tax, First in Gulf
Germany and Italy Under Pressure to Repatriate $245bn of Gold from US Vaults
Iran Intensifies Crackdown on Alleged Mossad Operatives After Sabotage Claims
Trump Praises Iran’s ‘Very Weak’ Response After U.S. Strikes and Presses Israel to Pursue Peace
WATCH: Israeli forces show the aftermath of a massive airstrike at Iran's Isfahan nuclear site
We have new information and breaking details to share about what is shaping up to be a historic air campaign tonight
Six Massive Bombs Dropped on Fordow; Trump: 'A Historic Moment for the U.S., Israel, and the World'
Fordow: Deeply Buried Iranian Enrichment Site in U.S.–Israel Crosshairs
United States Conducts Precision Strikes on Iran’s Nuclear Sites
US strikes Iran nuclear sites, Trump says
Pakistan to nominate Trump for Nobel Peace Prize.
Israel Confirms Assassination of Quds Force Commander in Tehran
16 Billion Login Credentials Leaked in Unprecedented Cybersecurity Breach
Senate hearing on who was 'really running' Biden White House kicks off
G7 Leaders Fail to Reach Consensus on Key Global Issues
Mass exodus in Tehran as millions try to flee following Trump’s evacuation order
Iranian Military Officers Reportedly Seek Contact with Reza Pahlavi, Signal Intent to Defect
Vietnam Emerges as Luxury Yacht Destination for Ultra‑Rich
China's Iranian Oil Imports Face Disruption Amid Escalating Middle East Tensions
Trump Demands Iran's Unconditional Surrender Amid Escalating Conflict
Israeli Airstrike Targets Iranian State TV in Central Tehran
President Trump is leaving the G7 summit early and has ordered the National Security Council to the Situation Room
Netanyahu Signals Potential Regime Change in Iran
×