An Israeli company that sells spyware to governments is linked to fake Black Lives Matter and Amnesty International websites that are used to hack targets, according to a new report.
Researchers from the Citizen Lab at the University of Toronto, who worked with Microsoft, issued a report on Thursday about the potential targets of Candiru, a Tel Aviv-based firm marketing “untraceable” spyware that can infect and monitor computers and phones.
One way the company’s spyware allegedly infects targets is through web domains, and the researchers found that the firm’s software was associated with URLs masquerading as NGOs, women’s rights advocates, activist groups, health organizations and news media. Citizen Lab’s research uncovered websites tied to Candiru with domain names such as “Amnesty Reports”, “Refugee International”, “Woman Studies”, “Euro News” and “CNN 24-7”.
[...]
Microsoft’s threat intelligence center, which tracks security threats and cyberweapons, conducted its own analysis and said it found at least 100 targets of malware linked to Candiru, including politicians, human rights activists, journalists, academics, embassy workers and political dissidents. Microsoft found targets in the UK, Palestine, Israel, Iran, Lebanon, Yemen, Spain, Turkey, Armenia and Singapore, the report said.
Microsoft said in a blogpost on Thursday that it had disabled the “cyberweapons” of Candiru and built protections against the malware, including issuing a Windows software update.
There are no legitimate reasons for intelligence firms or their government customers to create websites that impersonate high-profile activist groups and not-for-profit organizations, said Bill Marczak, a co-author of the report, in an interview.
Activists who are targeted may click on links that appear to be from trusted sources and then be taken to a site with innocuous content or redirected elsewhere, he explained. “But this website, which was specially registered for the purpose of exploiting their computer, would run code in the background that would silently hijack control of their computer,” he said.
[...]
The team also identified more than 750 domain names that appeared to be linked to Candiru and its customers. In addition to the sites masquerading as not-for-profits, the researchers found URLs that appeared to impersonate a left-leaning Indonesian publication; a site that publishes Israeli court indictments of Palestinian prisoners; a website critical of Saudi Arabia’s crown prince, Mohammed bin Salman; and a site that appeared to be associated with the World Health Organization.
Same here, honestly. I was surprised to see that there was still a release of Debian/Hurd as of 2019. There used to be Gentoo/Hurd too, but that's been dead for a long while now.
The thing is, Linux is permanently stuck at GPLv2. The license included with it omitted the "GPL 2 or greater" clause, and the copyright ownership is scattered to oblivion. For the GNU purists who want a GPLv3+ kernel, Hurd has been the only viable project for a long ass time. So some people still contribute to it for that reason. Others are kernel theory nerds who are interested in the micro-kernel architecture as opposed to Linux's monolithic kernel. The project will probably never die for those reasons, but it will also never reach even a FreeBSD level of hardware compatibility.