Israeli spyware targeted Saudi critics, Middle East news readers: report

Researchers at web security firm ESET say they have found links between attacks on websites in the Middle East and UK, and Israeli spyware firm Candiru.
2 min read
16 November, 2021
ESET researchers identified at least 20 websites targeted in the attacks. [Getty]

Spyware made by an Israeli firm blacklisted by the US has been used to target critics of Saudi Arabia and the readers of a Middle Eastern news website, a report has revealed.

Researchers at web security firm ESET said they found links between attacks on websites in the Middle East and UK and Israeli spyware firm Candiru.

In the attacks, known as 'watering hole attacks', malware is launched against users of websites whose readership is of interest to the malware user. The attacker is able to identify information about the targeted users, including browser and operating system specifics, the ESET report revealed. In some instances, the attacker is able to take control of the target’s computer.

The ESET researchers said that at least 20 websites were targeted by the spyware, including that of London-based news website Middle East Eye (MEE). The targets of the attacks had "links to the Middle East and a strong focus on Yemen and the surrounding conflict", the report said.

MEE has condemned the attacks, with editor-in-chief David Hearst saying that the revelations come as no surprise.

World
Live Story

"Substantial sums of money have been spent trying to take us out. This has not stopped us reporting what is going on in all corners of the region and I am confident that they will not stop us in future," he said in a statement published by MEE.

Candiru, along with fellow Israeli spyware firm NSO, was recently blacklisted by the US. A report by Citizen Lab earlier this year accused Candiru of selling spyware to authoritarian regimes who used fake Black Lives Matter and Amnesty International websites to lure in hacking targets.

Israel-based spyware firms have come under increased scrutiny over the last year, with revelations of large scale phone hacking causing friction between Israel and its allies.

A global investigation led by Paris-based journalism group Forbidden Stories revealed in July that the NSO group's Pegasus spyware had been used in hacks of smartphones belonging to Middle Eastern royals, individuals connected to slain Saudi journalist Jamal Khashoggi - who was murdered in 2018 by a hit squad - and French President Emmanuel Macron, among others.

While NSO's hacks have focussed on mobile devices, the Candiru attacks have attempted to infiltrate computers, the ESET report revealed.