Citizen Lab, the human rights group at Microsoft on Thursday has claimed that an Israeli group had sold a tool which allowed attackers to hack into Microsoft Windows. This report attempts to shed some light on the growing number of cases of the development and sales of tools for hacking popular software.
Candiru Sold the Tool to Government Agencies
As per Citizen Lab, the hacking tool to Microsoft Windows was developed and sold by a hacking tool vendor who goes by the same Candiru. The tool has the capability of breaking into Windows, and happens to be one among a range of intelligence products which have dealings in the flaws in the common software platforms used by their clients.
This new move comes in the wake of Microsoft’s increasing attempts towards trying the reduce the incidents of online security attacks and threats. The tech giant has taken to identifying groups if hackers it claims to have been backed by governmental organizations, like Chinese group Hafnium, which, according to it, was the name behind the Exchange Server attacks.
This time around, the name that has been given to the group that sold the hacking software is called Sourgum. This comes even as Citizen Lab, which is located at the University of Toronto, claims that the company that sold the software is Candiru.
Nevertheless, the firm hold that the tool is sold by Sourgum to government agencies, which in turn use the same for carrying out hacking operations. The implicated malware has been dubbed “DevilsTongue”, and has apparently alredy caught as many as 100 people into its trap, some of which include activists, journalists, embassy workers, and even politicians, as per a statement by the General Manager of the Digital Security Unit at Microsoft, Cristin Goodwin. She also says that these hackers used the DevilsTongue tool to hack into consumer’s accounts, instead of opting to go straight for the large companies.
Windows 10 and All Previous Versions
The tech company in collaboration with Citizen Lab also discovered two security vulnerabilities that Candiru had allegedly been exploiting, and updates have been issued by Microsoft to address the same.
The two patches are apparently available for Windows 10, as well as for previous versions of Microsoft Windows, as well as Windows Servers.
Meanwhile, the firm is also trying to do business pertaining to security and vulnerabilities, and on Monday announced the acquisition of internet intelligence platform RiskIQ.