Google has exposed a network of spy companies working for governments


Reaction score
Google has revealed details about the spyware developers and called for international cooperation.

Google Corporation in its new report singled out the activities of several companies involved in the development of spyware, and called on the United States and its allies to actively fight the cyber espionage industry.

The document claims that although such programs are often positioned as national security tools for government agencies, in fact they are often used to hack the phones of representatives of civil society, the political opposition and journalists.

The Google TAG team conducted a detailed analysis of vendors of commercial tracking systems (Commercial Surveillance Vendors, CSV). TAG tracks about 40 CSV companies of varying complexity and prominence. The report contains information about developers, sellers, and users of spyware, how CSV works, what types of products are being developed and sold, and an analysis of recent activity.

Google researchers point out that, despite the wide popularity of the Israeli company NSO Group and its Pegasus spyware, there are many less well-known organizations that promote the distribution of spy technologies for malicious purposes. According to Google, the private sector is currently responsible for a significant portion of the most sophisticated hacking tools detected by experts.

Firms build relationships with government agencies, providing them with a range of zero-day exploits based on vulnerabilities that the defense mechanisms don't even know about, as well as exploits for already known vulnerabilities that require minimal user interaction, up to Zero-Click.

Among the mentioned companies are Italian Cy4Gate and RCS Labs, Greek Intellexa, as well as lesser-known Negg Group from Italy and Variston from Spain. It is noted that these companies offer phone hacking services and are actively developing ways to circumvent the latest security measures implemented in the iOS and Android operating systems by Apple and Google.

The report specifically notes that the detected software of the Negg Group company was used to spy on people in Italy, Malaysia and Kazakhstan. It also points to the Variston software that infected devices via Google Chrome, Mozilla Firefox, or iOS apps.

Google's report comes amid the US announcement of a new visa restriction policy for individuals abusing commercial spyware. The measure is aimed at limiting the ability of spyware companies to work in the United States and changing the structure of incentives that promote their growth.

Google is calling for stronger action in the fight against the cyber espionage industry, emphasizing that it is important to ensure the security of the Internet for all users.