عربي English Türkçe اردو فارسى
Logo
Latest News
Technology

Meta Targets 'Cyber Mercenaries' Using Facebook to Spy

Facebook parent Meta says it has targeted a series of companies that use its networks for spying. Chris DELMAS AFP
Facebook parent Meta says it has targeted a series of companies that use its networks for spying. Chris DELMAS AFP
TT
20
TT

Meta Targets 'Cyber Mercenaries' Using Facebook to Spy

Facebook parent Meta says it has targeted a series of companies that use its networks for spying. Chris DELMAS AFP
Facebook parent Meta says it has targeted a series of companies that use its networks for spying. Chris DELMAS AFP

Facebook parent Meta on Thursday banned a series of "cyber mercenary" groups and began alerting some 50,000 people likely targeted by the firms accused of spying on activists, dissidents and journalists worldwide.

Meta took down 1,500 Facebook and Instagram pages linked to groups with services allegedly ranging from scooping up public information online to using fake personas to build trust with targets or digital snooping via hack attacks, AFP reported.

The social media giant also started warning about 50,000 people it believes may have been targeted in more than 100 nations by firms that include several from Israel, which is a leading player in the cyber-surveillance business.

"The surveillance-for-hire industry... looks like indiscriminate targeting on behalf of the highest bidder," Nathaniel Gleicher, head of security policy at Meta, told a press briefing.

The Facebook parent said it deleted accounts tied to Cobwebs Technologies, Cognyte, Black Cube and Bluehawk CI -- all of which were based or founded in Israel.

India-based BellTroX, North Macedonian firm Cytrox and an unidentified entity in China also saw accounts linked to them removed from Meta platforms.

Cytrox was also accused Thursday by researchers at Canadian cybersecurity organization Citizen Lab of developing and selling spyware used to hack Egyptian opposition figure Ayman Nour's phone.

- Unnamed Chinese operation -
"These cyber mercenaries often claim that their services only target criminals and terrorists," said a Meta statement.

"Targeting is in fact indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opposition members and human rights activists," it added. "We have banned them from our services."

Black Cube, in a statement to AFP, denied wrongdoing or even operating in the "cyber world."

"Black Cube works with the world's leading law firms in proving bribery, uncovering corruption, and recovering hundreds of millions in stolen assets," it said, adding the firm ensures it complies with local laws.

Firms selling "web intelligence services" start the surveillance process by gathering information from publicly available online sources such as news reports and Wikipedia.

Cyber mercenaries then set up fake accounts on social media sites to glean information from people's profiles and even join groups or conversations to learn more, Meta investigators said.

Another tactic is to win a target's trust on a social network and then trick the person into clicking on a booby-trapped link or file that installs software that can then steal information from whatever device they use to go online.

With that kind of access, the mercenary can steal data from a target's phone or computer, as well as silently activate microphones, cameras and tracking, according to the Meta team.

Bluehawk, one the targeted firms, sells a wide range of surveillance activities, including managing fake accounts to install malicious code, the Meta report said.

Some fake accounts linked to Bluehawk posed as journalists from media outlets such as Fox News in the United States and La Stampa in Italy, according to Meta.

While Meta was not able to pinpoint who was running the unnamed Chinese operation, it traced "command and control" of the surveillance tool involved to servers that appeared to be used by law enforcement officials in China.

Most Viewed

 
Technology

US May Target Samsung, Hynix, TSMC Operations in China

A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)
A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)
TT
20
TT

US May Target Samsung, Hynix, TSMC Operations in China

A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)
A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)

The US Department of Commerce is considering revoking authorizations granted in recent years to global chipmakers Samsung, SK Hynix and TSMC, making it more difficult for them to receive US goods and technology at their plants in China, according to people familiar with the matter.

The chances of the United States withdrawing the authorizations are unclear. But with such a move, it would be harder for foreign chipmakers to operate in China, where they produce semiconductors used in a wide range of industries, Reuters said.

A White House official said the United States was "just laying the groundwork" in case the truce reached between the two countries fell apart. But the official expressed confidence that the trade agreement would go forward and that rare earths would flow from China, as agreed.

"There is currently no intention of deploying this tactic," the official said. "It's another tool we want in our toolbox in case either this agreement falls through or any other catalyst throws a wrench in bilateral relations."

Shares of US chip equipment makers that supply plants in China fell when the Wall Street Journal first reported the news earlier on Friday. KLA Corp dropped 2.4%, Lam Research fell 1.9% and Applied Materials sank 2%. Shares of Micron, a major competitor to Samsung and SK Hynix in the memory chip sector, rose 1.5%.

A TSMC spokesman declined comment. Samsung and Hynix did not immediately respond to requests for comment. Lam Research, KLA and Applied Materials did not immediately respond, either.

In October 2022, after the United States placed sweeping restrictions on US chipmaking equipment to China, it gave foreign manufacturers like Samsung and Hynix letters authorizing them to receive goods.

In 2023 and 2024, the companies received what is known as Validated End User status in order to continue the trade.

A company with VEU status is able to receive designated goods from a US company without the supplier obtaining multiple export licenses to ship to them. VEU status enables entities to receive US-controlled products and technologies "more easily, quickly and reliably," as the Commerce Department website puts it.

The VEU authorizations come with conditions, a person familiar with the matter said, including prohibitions on certain equipment and reporting requirements.

“Chipmakers will still be able to operate in China," a Commerce Department spokesperson said in a statement when asked about the possible revocations. "The new enforcement mechanisms on chips mirror licensing requirements that apply to other semiconductor companies that export to China and ensure the United States has an equal and reciprocal process.”

Industry sources said that if it became more difficult for US semiconductor equipment companies to ship to foreign multinationals, it would only help domestic Chinese competitors.

"It’s a gift," one said.