First, we built protections into our products against the unique malware Sourgum created, and we shared those protections with the security community. “To limit these attacks, we focused on two actions.
These vulnerabilities were patched in a security update released on July 13, 2021.
To tackle this spyware, Microsoft has released a security patch for two zero-day bug vulnerabilities - CVE-2021-31979 and CVE-2021-33771. This could allow malicious links or other messages to be sent directly from a compromised user’s computer. Microsoft’s analysis has also shown that the spyware can also send messages from logged-in email and social media accounts directly on the victim’s computer. Once the spyware has infected a Windows PC, it exfiltrates files, exporting all messages saved in the Windows version of the popular encrypted messaging app Signal, and stealing cookies and passwords from Chrome, Internet Explorer, Firefox, Safari, and Opera browsers. For an additional €5.5M, the customer can monitor 25 additional devices simultaneously, and conduct espionage in five more countries,” Citizen Labs wrote in its report. For an additional €1.5M, the customer can purchase the ability to monitor 15 additional devices simultaneously, and to infect devices in a single additional country. “The €16 million project proposal allows for an unlimited number of spyware infection attempts, but the monitoring of only 10 devices simultaneously.
Their product offering includes solutions for spying on computers, mobile devices, and cloud accounts. As Citizen Labs explains it, Candiru is a mercenary spyware firm that markets ‘untraceable’ spyware to government customers. What is DevilsTongue and what does it do?ĭevilsTongue is a spyware tool developed by a Tel Aviv, Israel-based company called Candiru. Microsoft in a blog post said that the spyware was being used in precision attacks targeting more than 100 victims including politicians, human rights activists, journalists, academics, embassy workers and political dissidents in countries around the world including around the world including Palestine, Israel, Iran, Lebanon, Yemen, Spain, United Kingdom, Turkey, Armenia, and Singapore.Īlso read: Looking for a smartphone? Check Mobile Finder here.