Spyware risks are rising fast, and you should definitely be worried — even Google says so

Pls share this post

Listen to this article

Companies developing spyware and offering spying services to government agencies and threat actors around the world are growing in number, and to make matters worse, for all of them – business is good. 

This is according to a new report from Google, which highlights the growing concern of commercially developed spyware.

Now, according to Google’s latest Buying Spying report, it tracks around 40 Commercial Surveillance Vendors (CSV). Some are more popular than others, but all play an important role in developing spyware, it said. One of their bigger roles is discovering zero-day vulnerabilities. In fact, Google claims CSVs are behind half of known zero-day exploits targeting Google products and the Android ecosystem.

READ ALSO  Another top blockchain deal provider has been hacked, with millions in crypto stolen

Buying spying

Commercial spyware companies have hit the headlines in recent weeks due largely to the exploits of NSO Group. This Israeli-based start-up developed a tool called Pegasus, and claimed it was designed to help governments around the world defend against terrorist attacks and similar threats. Instead, Pegasus was found used on government officials in the UK and the EU, and many cybersecurity researchers and privacy advocates were warning of Pegasus being used against government opponents, journalists, intellectuals, or dissidents. This prompted the US, for example, to blacklist NSO Group.

Furthermore, the demand for “turnkey espionage solutions” is on the rise. CSVs offer pay-to-play bundles that not only abuse zero-days to work around cybersecurity solutions and antivirus programs, but also spyware, and the infrastructure necessary to harvest and exfiltrate sensitive information from the targets. 

The mobile app for the 'world's biggest casino' had some major security flaws

Among CSVs are those working on discovering vulnerabilities, those working on selling exploits, those building spyware solutions, and finally – government customers who purchase these bundles and propel this industry forward. 

“CSVs have proliferated hacking and spyware capabilities that weaken the safety of the internet for all. This is why we discover and patch vulnerabilities used by CSVs, share intelligence strategies and fixes with industry peers and publicly release information about the operations we disrupt,” Google’s researchers concluded. 

More from TechRadar Pro

READ ALSO  ProtonMail could be banned in India following bomb threat


Pls share this post
Previous articleAI-enabled PCs and genAI smartphones set to take off
Next articleMatt Gaetz is trying to oust a GOP congressman who once screamed at him on the House floor