Teacher
Professional
Google has highlighted the activities of several spyware companies in a new report and called on the United States and its allies to step up their fight against the cyber espionage industry.
The paper argues that while such programs are often marketed as national security tools for government agencies, in reality they are often used to hack the phones of civil society, political opposition and journalists.
The Google TAG team conducted a detailed analysis of Commercial Surveillance Vendors (CSV). TAG tracks about 40 CSV companies of varying degrees of complexity and prominence. The report provides information about the developers, sellers and users of spyware, how CSV operates, the types of products being developed and sold, and an analysis of recent activity.
Google researchers point out that while Israeli company NSO Group and its Pegasus spyware are widely known, there are many lesser-known organizations promoting spying technology for malicious purposes. According to Google, the private sector is now responsible for a significant portion of the most advanced hacking tools discovered by experts.
Firms are establishing relationships with government agencies, providing them with an assortment of zero-day exploits based on vulnerabilities that defense mechanisms are not even aware of, as well as exploits for already known vulnerabilities that require minimal user interaction, up to Zero-Click.
Among the companies mentioned are the Italian Cy4Gate and RCS Labs, the Greek Intellexa, as well as the lesser-known Negg Group from Italy and Variston from Spain. It is noted that these companies offer phone hacking services and are actively developing ways to bypass the latest security measures introduced into the iOS and Android operating systems by Apple and Google.
The report specifically notes that the discovered Negg Group software was used to spy on people in Italy, Malaysia and Kazakhstan. It also points to Variston software that infected devices through Google Chrome, Mozilla Firefox browsers or iOS applications.
Google's report comes as the US announces a new visa restriction policy for abusers of commercial spyware. The measure is aimed at limiting the ability of spyware companies to operate in the United States and changing the structure of incentives that encourage their growth.
Google is calling for stronger action in the fight against the cyberespionage industry, stressing that it is important to keeping the Internet safe for all users.
The paper argues that while such programs are often marketed as national security tools for government agencies, in reality they are often used to hack the phones of civil society, political opposition and journalists.
The Google TAG team conducted a detailed analysis of Commercial Surveillance Vendors (CSV). TAG tracks about 40 CSV companies of varying degrees of complexity and prominence. The report provides information about the developers, sellers and users of spyware, how CSV operates, the types of products being developed and sold, and an analysis of recent activity.
Google researchers point out that while Israeli company NSO Group and its Pegasus spyware are widely known, there are many lesser-known organizations promoting spying technology for malicious purposes. According to Google, the private sector is now responsible for a significant portion of the most advanced hacking tools discovered by experts.
Firms are establishing relationships with government agencies, providing them with an assortment of zero-day exploits based on vulnerabilities that defense mechanisms are not even aware of, as well as exploits for already known vulnerabilities that require minimal user interaction, up to Zero-Click.
Among the companies mentioned are the Italian Cy4Gate and RCS Labs, the Greek Intellexa, as well as the lesser-known Negg Group from Italy and Variston from Spain. It is noted that these companies offer phone hacking services and are actively developing ways to bypass the latest security measures introduced into the iOS and Android operating systems by Apple and Google.
The report specifically notes that the discovered Negg Group software was used to spy on people in Italy, Malaysia and Kazakhstan. It also points to Variston software that infected devices through Google Chrome, Mozilla Firefox browsers or iOS applications.
Google's report comes as the US announces a new visa restriction policy for abusers of commercial spyware. The measure is aimed at limiting the ability of spyware companies to operate in the United States and changing the structure of incentives that encourage their growth.
Google is calling for stronger action in the fight against the cyberespionage industry, stressing that it is important to keeping the Internet safe for all users.
