Sherlock: Spyware comes through online advertising

With Sherlock, the Israeli software manufacturer Insanet offers a complete commercial spying product to track victims using online banners, hack into their phones and computers and spy on them. This is reported by the Israeli newspaper Haaretz. The company, which – like many other spyware companies from Israel – has its roots in the military-industrial complex and security sector, perfidiously uses the system of targeted online advertising with targeting and tracking to track down those potentially affected. In addition, Sherlock largely works across operating systems on Windows computers, Apple iPhones and smartphones with Android.

Advertisement

Malvertising

In principle, the distribution of malicious code via harmless-looking advertising banners (“malvertising”) is nothing new. Since the beginning of the year, IT security experts have been observing more and more relevant campaigns on Google via the in-house advertising system Google Ads, with which attackers are trying to infect end users’ devices with malware. This usually makes it possible to steal contact data, login IDs and other sensitive information from infected computers or cell phones. According to the report, the fact that a complex state trojan with the ability to secretly monitor IT systems completely, including ongoing and stored communication, is being deployed via malvertising was previously public but unknown.

According to the newspaper, Insanet has teamed up with Candiru to market Sherlock. This is another spyware manufacturer based in Israel that primarily sells spying software that is similar to the well-known state trojan Pegasus from the Israeli NSO Group. Haaretz quotes from a Candiru advertising brochure that says Sherlock can infect Windows PCs just as well as smartphones with the two most common operating systems. So far, Candiru has specialized in the desktop world, the NSO Group in iPhones and its competitors in Android mobile phones. With the Insanet system, however, almost any device can be hacked effectively.

Jason Kelley from the US civil rights organization Electronic Frontier Foundation (EFF) described Insanet’s reliance on advertising technology to the online magazine The Register as particularly worrying. Dodgy online advertising relies on carefully designed images or JavaScript in the ads that exploit vulnerabilities in browsers and operating systems. But it could also be used to target specific groups of people, such as users who are interested in open source or who frequently travel to Asia. A broad ban on such “snooping” advertising failed in the EU during negotiations on the Digital Services Act (DSA).

Online targeting involves commercially available data “that is very difficult to delete from the Internet,” Kelley explained. “Most people have no idea how much of their information has been collected or shared by data brokers and ad tech companies.” The only hurdle for those interested in Sherlock is that the monitoring system, with the reported cost of six million euros per infection, has a hefty price tag and is therefore not compatible with the masses. However, there is now “another opportunity for spyware companies to monitor and target activists, reporters and government officials.” According to Haaretz, Sherlock will only be allowed to be exported with special licenses approved by the Israeli Ministry of Defense. Nevertheless, the spying system has already been sold to a non-democratic country.

(olb)

Zur Startseite

#Sherlock #Spyware #online #advertising