Candiru: Another Cyberweapons Arms Manufacturer

Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru.

From the report:

Summary:

  • Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts.
  • Using Internet scanning we identified more than 750 websites linked to Candiru’s spyware infrastructure. We found many domains masquerading as advocacy organizations such as Amnesty International, the Black Lives Matter movement, as well as media companies, and other civil-society themed entities.
  • We identified a politically active victim in Western Europe and recovered a copy of Candiru’s Windows spyware.
  • Working with Microsoft Threat Intelligence Center (MSTIC) we analyzed the spyware, resulting in the discovery of CVE-2021-31979 and CVE-2021-33771 by Microsoft, two privilege escalation vulnerabilities exploited by Candiru. Microsoft patched both vulnerabilities on July 13th, 2021.
  • As part of their investigation, Microsoft observed at least 100 victims in Palestine, Israel, Iran, Lebanon, Yemen, Spain, United Kingdom, Turkey, Armenia, and Singapore. Victims include human rights defenders, dissidents, journalists, activists, and politicians.
  • We provide a brief technical overview of the Candiru spyware’s persistence mechanism and some details about the spyware’s functionality.
  • Candiru has made efforts to obscure its ownership structure, staffing, and investment partners. Nevertheless, we have been able to shed some light on those areas in this report.

We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade.

Tags: , , , ,

Posted on July 19, 2021 at 10:54 AM44 Comments

Comments

Richard Bejtlich July 19, 2021 12:03 PM

“We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade.”

This is similar to the idea that the state keeps a monopoly on violence.

wumpus July 19, 2021 12:09 PM

“We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade.”

This is also a sub-set of “can we control international intelligence agencies?”. Cyber-arms are manufactured by companies thanks to the way western governments work, but nothing really stops said agencies from developing their own and horse-trading between each other. And quite likely they are the ones who know exactly who the cyber-arms dealers are, and applying the rule of “Never Say Anything” about them.

And it is one thing to close up the companies more or less openly operating. But nothing is stopping such companies from popping back up on the dark web or otherwise like a ransomware company (not depending on the dark web for safety).

I’m sure such a move would ruin their profits as the big DoD firms pay dearly for a lot of hand holding and micromanagement, and I’d assume the same is true for intelligence contracts. But the fundamental business would still exist, although more likely supplying corporations and gangs more than governments (if only thanks to more available customers).

My guess is that as long as such a thing is profitable, it will be done. Presumably if you can find a way to catch ransomware corps, you can do the same to these types, but both sound non-trivial. And do absolutely nothing about the agencies themselves developing the software.

ADFGVX July 19, 2021 1:05 PM

@ wumpus • July 19, 2021 12:09 PM

“We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade.”

NATO needs to die. And the liars and crooks who work law need to stop grabbing our guns. Until then everybody must suffer alike and submit to the industry-recommended Spyware, Smut, and Revenge Porn, which are enforced on us for our own good.

Etienne July 19, 2021 1:50 PM

“We’re not going to be able to secure the Internet until…

we treat all computers as war materiel, and all users as conscripts.”

Courts Martial, Guantanamo, Hard Labor, Hanging…

“It should be easier to get a machine gun than a computer.” – John von Neumann

(OK, I’m making this all up)…

bcs July 19, 2021 1:59 PM

“We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade.”

But that’s not going to happen. At least non completely. As long as there are clients willing to buy, there will be people willing to sell. And as long as there are people willing to sell, there will be countries unwilling (or unable) to kick them out.

Even if some sort of solution takes away enough of those countries sovereignty to force them to try and kick those seller out, that’s never worked for other markets (drugs?). You can exert influence, but as long as there is a reason to want something, there will be people selling it. Capitalism isn’t first and foremost a political philosophy, rather it an acknowledgment of reality.

xxx July 19, 2021 2:10 PM

Geez, how naive are some.

hxxps://www.wired.com/story/untold-history-americas-zero-day-market/

Threats are just an everyday thing, if you are lucky. If you are not, they just kill you and take that 0day. Many brokers are killed or disappeared.

xxx July 19, 2021 3:19 PM

I suggest everyone to read this.

hxxps://i.blackhat.com/USA-19/Wednesday/us-19-Shwartz-Selling-0-Days-To-Governments-And-Offensive-Security-Companies.pdf

“Got on a major player’s radar (will not reveal the name).Effectively threatened in a broad daylight at a café.Not worth the risk, closed Q-recon”

Maybe someone will stop being so naive – “regulate”.
They are ready to kill for 0day.

Clive robinson July 19, 2021 3:33 PM

@ Richard Bejtlich,

This is similar to the idea that the state keeps a monopoly on violence.

Many states,do believe they have monopolies over their, citizens via violence, theft, and worse.

The fact they may or may not actually do so is where the practical reality of real politic kicks in.

Supprising to many, much of the “guard labour response” is actually not down to the fact that their rule is not by concent or with actuall power. But actual fear of what the civilian population will do to “Gaurd Labour” when it is,shown up fo what it usually is, a “con job”.

Truth.is.stranger.than.fiction July 19, 2021 5:16 PM

Let’s play Eeny Meeny Miny Moe. All three surveillance stories appeared this past week.

  1. Fox TV News Anchor Tucker Carlson claims he is being surveilled by the NSA. He has a Twitter argument with NSA about it. MSM rejects his claims.
  2. Iranian dissident in NYC is under police protection because FBI found out that the Iranian government is surveilling her and was going to kidnap her and take her back to Iran. How do you think the US Government figured this out? The dissident had no idea.
    ht tps://www.wbaltv.com/article/iranian-nationals-charged-with-alleged-kidnapping-plot-of-us-journalist-court-documents-say/37056652
  3. CitizenLab produce so many reports about Israel that the media is mixing them up. The current report is about a Microsoft WINDOWS exploit. The iPhone exploit was about another company last year. Interestingly, in the current report the only mention of its impact on phones is that is can decrypt and exfiltrate conversations in the Signal messaging app. There’s also mention of it stealing SSO cookies. It sounds similar to the Golden SAML attacks earlier this year which the US Gov just blamed on China. But there’s speculation in here that some countries may have diverted it:
    ht tps://www.microsoft.com/security/blog/2021/07/15/protecting-customers-from-a-private-sector-offensive-actor-using-0-day-exploits-and-devilstongue-malware/
  4. Are all these stories interrelated?

Jon July 19, 2021 5:27 PM

@ Truth.is…

#4 ) Yes. They are interrelated because writing lousy software riddled with security holes comes with no consequence for the companies that distribute it. J.

John Tillotson July 19, 2021 7:01 PM

“We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade.”

Nonsense. We won’t be able to secure the Internet until we stop putting SCADA stuff and all of our sensitive data on insecure but cheap platforms connected to the Internet with little or no protection.

We need to:
1. Hold the C-suite and the Board fiscally and legally accountable for security failures.
2. Purveyors of insecure software need to be held accountable for the utter failure to deliver a product fit for purpose.

SpaceLifeForm July 19, 2021 7:38 PM

@ Truth.is.stranger.than.fiction, Jon

Point 1:

Tucker Carlson is not the sharpest tool at the top of the elevator. But, you know that. He is not a target. His problem is that he has communicated with targets that are outside of US.

The fact that he wants to make a big deal about this, kinda hints at a leak problem, no? He should not really be concerned unless he has reason to be concerned. Or he is fishing. I think he has received a leak, and was told to fish for more information.

Point 2:

NSA

Point 3:

Yes the media gets confused, intentionally, and it worked on you.

Point 4:

Yes, as Jon noted, they are all related. There is going to be more and more coming out everyday.

We will be overwhelmed.

The trick will be to pay attention to the important points (the signal), and not waste your time paying attention to the unimportant stuff (the noise).

It’s not going to be easy.

May you live in interesting times.

Truth.is.stranger.than.fiction July 19, 2021 7:45 PM

I wouldn’t call cookie scraping tech a weapon. Everyone does it. Their blog describing the exploit says that Signal, Twitter, Facebook and GMAIL messages and photos were scraped too. How would they know that unless they did it too?

Apps are leaky by design.

Authentication/SSO cookies are supposed to be encrypted by the browser. But their blog also admits that their SSO cookies weren’t encrypted or it was easily bypassed. This is a big deal.

ht tps://www.microsoft.com/security/blog/2021/07/15/protecting-customers-from-a-private-sector-offensive-actor-using-0-day-exploits-and-devilstongue-malware/

Steve July 19, 2021 7:47 PM

@Bruce: We’re not going to be able to secure the Internet…

I think you can stop right there.

Winter July 20, 2021 6:01 AM

@Richard Bejtlich,
“This is similar to the idea that the state keeps a monopoly on violence.”

The alternative being what?

Where this generally goes wrong is in states where the rule of law is weak or absent, e.g., the USA. But the alternative is not everybody shooting at everybody else, but to install the rule of law.

My experience is that in countries that enforce human rights, the monopoly on violence is not a problem. In countries that do not honor human rights, it is not the monopoly on violence that is the problem. Or is there anyone who thinks using violence against China’s or Russia’s police forces is a successful strategy?

I know there are US gun crazies who seriously think private guns will stop an organized police force or even army. But reality tells us these are just contenders for the Darwin Awards.
https://darwinawards.com/darwin/darwin2018-14.html

Winter July 20, 2021 6:12 AM

@SLF, @ Truth.is.stranger.than.fiction, Jon
“Point 2: NSA”

I would say that interrupting enemy operations on US soil are quite frankly one of the tasks the NSA were established for. If they do not do that, why would they even exist?

Clive Robinso July 20, 2021 6:12 AM

@ Bruce, Steve,

We’re not going to be able to secure the Internet…

The word you are looking for is not “able” but “allowed”.

We can within reason make the Internet as secure as we might wish in certain areas but not others.

The “not others” are down to “Key Managment” issues underlying which are “sociological issues”.

To be blunt we’ve had a failure in imagination in the human race since the late 1880’s and by default we see everything in “hierarchy structures” that will always fail us due to “corruption at the top” in one way or another, coupled to “vested interests” not wanting any change due to their own benifit.

Maybe if we actually kicked much of the resulring road kill junk to the side of the road and actually worked on ways to fixe the issue from both ends working towards a secure middle we would make progress, instead of effectively moving backwards for 75years as we have done for the last 75…

JonKnowsNothing July 20, 2021 7:33 AM

@Winter

re: Where this generally goes wrong is in states where the rule of law is weak or absent, e.g., the USA.

Just want to point out that the USA has a tonnage of laws. We have so many laws only a small group of people know them (we call them Lawyers others might call them Barristers/Solicitors). There are so many laws that even within that group they do not know them all, they have to specialize in one aspect and even then they can miss a lot.

The USA also has an infamous reputation for incarceration. We put a large number of people in jail after the application of the laws with or without attributable proofs of culpability. The USA ends up releasing a lot of people because they did not commit the crime(s) they were charged with or the proofs provided to the courts were faulty. Generally this takes place decades after the conviction. So even the experts in Law do not know the proper application of them or the correct proofs.

There is certainly something that needs changing, however, all the current systems, except one, have not be around for that long. Many are new applications of old thinking and many are cult-type where the persona is more important than the application of Law as it pertains to the benefits of their citizens.

Quite a lot has been written on this topic over a longer period. Still we have no coherent solutions and lurch from one viewpoint to the other.

tl;dr example

The USA jettisoned the concept of royalty or inherited rule. It was radical in the day because God Anoints the King/Queen and dumping said personages meant an insult (morally) to God.

Yet the USA is still immersed in the concept of Kings, Queens, Princes and Princess with a few Dukes and Duchess are making the rounds of Hollywood.

In much literature there is the concept of the benign and generous King/Queen who rules with Justice, Mercy and Benefits for All. A King/Queen were there is no need for other Laws, or enforcers because their Majesty is all that God requires to provide for the good of all people.

Does not work out very well, historically and currently.

Even in a Republic where Monarchy is decried and denounced, we still hang on to those same views and the Laws that evolved from them.

Winter July 20, 2021 8:25 AM

@Jon
” We have so many laws only a small group of people know them (we call them Lawyers others might call them Barristers/Solicitors). ”

Actually, no one knows even how many federal laws an regulations there are, let alone what they are.

This allows prosecutors to convict anyone, because every American breaks a federal law or rule every day of their life. With too many laws, there cannot be a rule of law.

Another factor is that most criminals do not get a trial but are blackmailed into a plea bargain (we can keep you in jail without bond for 5 years with the risk of maximum punishment, or you can plead guilty and get 4 years).

So, the rule of what law?

@Jon
“The USA also has an infamous reputation for incarceration. We put a large number of people in jail after the application of the laws with or without attributable proofs of culpability.”

Incarceration takes the place of social welfare in the US and doubles as a mechanism to oppress minorities.

As they say, the USA is not a Democracy but a Republic. But they are not even a Republic.

JonKnowsNothing July 20, 2021 8:34 AM

@Winter

re: … USA is not a Democracy but a Republic. But they are not even a Republic.

In general, I find that people who make gross statements like this have no clue about the words they select or what they really mean.

Nice catch phrase, but without value.

Winter July 20, 2021 8:51 AM

@Jon
“Nice catch phrase, but without value.”

The phrase is not mine, but you can find it everywhere:
America Is a Republic, Not a Democracy
ht tps://www.heritage.org/american-founders/report/america-republic-not-democracy

But what is a Republic in the eyes of those who use the catch phrase:

Our republic is built on the recognition that no single part of the community has a monopoly on justice. Genuine political justice therefore requires tending to the legitimate needs and contributions of a community’s non-majoritarian elements and preserving the social, familial, civic, and religious practices that define them.

So, when looking to modern day America (or any day America), was it now, or was it ever, not in a situation where a “single part of the community has a monopoly on justice”? Was America’s legal, justice, or political system ever
“tending to the legitimate needs and contributions of a community’s non-majoritarian elements and preserving the social, familial, civic, and religious practices that define them”
when these non-majoritan elements were non-white, non-christian, non-capitalist, non-rich, or non-male?

So, when America was never a real Democracy, and likely never a real Republic, what was it?

CallMeLateForSupper July 20, 2021 9:04 AM

I think it’s refreshing to have a dirt-bag group to despise that is not NSO Group. How long have we been watching & hearing about that one? At least two years, I think. Too long anyway.

Anon July 20, 2021 9:19 AM

“We’re not going to be able to secure the Internet until we deal with the companies that engage in the international cyber-arms trade.”

Really…..

Good luck with that….it will never happen…..

Clive Robinson July 20, 2021 9:27 AM

@ Winter, JonKnowsNothing,

So, when America was never a real Democracy, and likely never a real Republic, what was it?

It was a club of diseffected proto-gentlemen who had disdane for most of anything they did not see as at their intellectual level.

They wanted status and trappings of fine titles etc and the respect they saw of their near equals, but had to avoid the apperance of just being a chip off of the English molding.

Their disdainful view point of democracy being “the rabble running amok” may have been from their view point of laudable sentiment and fundementaly sound view point. But at the end of the day just as denialist as any self apointed tyranical system with a self serving pretence at a veneer of legal legitimacy.

Like many systems that are “paternalistic” they quickly become one of patronage in one way or another and that’s when the “King Game” starts and the “Devine Right” that can not be,questioned or tested…

Winter July 20, 2021 9:48 AM

@Clive
“Their disdainful view point of democracy being “the rabble running amok” may have been from their view point of laudable sentiment and fundementaly sound view point.”

There have been ample historical examples of Democracies of various sizes that devolved into blood baths due to a majority “running amok” under the influence of the fad and populist of the day. That is why most democracies have two levels of majorities, a simple majority for the easy stuff, and a qualified majority for the fundamental stuff, like constitutions. Voting districts are another way to handle such run-away cycles of “Extraordinary Popular Delusions and the Madness of Crowds”.

Limiting voting rights to those with the required means (money or property) was universal in those times. Universal suffrage were a thing at the end of the 19th century, not in 1776. So it is very a-historical to use that against the writers of the constitution.

ADFGVX July 20, 2021 9:52 AM

@ Winter

“single part of the community has a monopoly on justice”? Was America’s legal, justice, or political system ever
“tending to the legitimate needs and contributions of a community’s non-majoritarian elements and preserving the social, familial, civic, and religious practices that define them”
when these non-majoritan elements were non-white, non-christian, non-capitalist, non-rich, or non-male?

That’s Alexandra Ocasio-Cortez. The women’s wing of the Communist Party. Girls have spotless dresses and they attend Catholic schools and Catholic churches, but they’re “non-Christian.” All modern workplaces are strictly sex-segregated. Wake up, sheeples!

So, when America was never a real Democracy, and likely never a real Republic, what was it?

You have to smoke a lot of weed for that line of reasoning, because a “Republic” is basically Latin for German “Reich” if the Christian Democrats in Germany today aren’t building up to a Fifth or Sixth Reich under Angela Merkel.

@ CallMeLateForSupper • July 20, 2021 9:04 AM

I think it’s refreshing to have a dirt-bag group to despise that is not NSO Group. How long have we been watching & hearing about that one? At least two years, I think. Too long anyway.

Candiru is “not” NSO Group. That is an interesting proposition.

ht_tps://amp.theguardian.com/world/2021/jul/20/pegasus-project-turns-spotlight-on-spyware-firm-nso-ties-to-israeli-state

Back in 2017, few would have disputed that Israel and Saudi Arabia were regional foes. Officially, the countries had no diplomatic ties. Yet for a small group of Israeli businesspeople attending secret meetings with Saudi officials in Vienna, Cyprus and Riyadh that summer, there were signs relations were warming.

The businesspeople represented NSO Group. Their mission was to sell the Saudis NSO’s weapons–grade spyware system, Pegasus.

According to a person who attended the meeting in June 2017 in Cyprus, a senior Saudi intelligence official was “amazed” by what he saw. After a lengthy and technical discussion, the Saudi spy, who had brought a new iPhone, was shown how Pegasus could infect the phone and then be used to remotely operate its camera.

Hedo July 20, 2021 9:53 AM

Replying to the post linked directly below this line:
https://www.schneier.com/blog/archives/2021/07/candiru-another-cyberweapons-arms-manufacturer.html/#comment-384165

Yes, we DO have many flaws in America, but many of us are trying hard to identify them and to perhaps change them for the better. Sometimes we succeed, sometimes we don’t, but let me assure you one thing: you can troll all you want against my country but you can’t teach me NOTHING as I have been there, done it; lived in a communist run country, lived in a socialist country, and they do not come even close to USA, considering and factoring in ALL flaws and all wrongs we have in America. You can try brainwashing the Chinese people, or the Russian people that they have it better than us Americans – it just might work. Nice try, it did not work with this American. Troll away.

Winter July 20, 2021 10:14 AM

@ADFGVX
“You have to smoke a lot of weed for that line of reasoning, because a “Republic” is basically Latin for German “Reich” if the Christian Democrats in Germany today aren’t building up to a Fifth or Sixth Reich under Angela Merkel.”

Wrong, ‘Res Publica’, the root of the word Republic, means ‘public affair’. Reich derives from a different root word altogether, from Proto-Germanic *rikja “rule”.
https://www.etymonline.com/word/reich

There are no commonalities whatsoever between “Republic” and “Reich”. Just as there are no touching points between Angela Merkel’s Germany and anything that has been called “Reich” before.

PS
This is just your hatred for women that feeds these ideas. If women trouble you so much, you should consider becoming gay. Then you do not have to wring your hands so much.

Winter July 20, 2021 10:18 AM

@hedo
“you can troll all you want against my country but you can’t teach me NOTHING”

I think that is the root of most of America’s problems: the inability to learn from the errors and successes of others.

As they say, only stupid people learn from their errors, smart people learn from the errors of others.

But they also say this quote was from a German, so you would not learn from it.

informed July 20, 2021 10:32 AM

There’s some leaked info suggesting that yet another Israeli company “Profero” is dealing cyberweapons to shady goverments. Seems they have chosen a right name – profit is everything!

ADFGVX July 20, 2021 10:38 AM

@ Winter

Wrong, ‘Res Publica’, the root of the word Republic, means ‘public affair’. Reich derives from a different root word altogether, from Proto-Germanic *rikja “rule”.
https://www.etymonline.com/word/reich

No. “Res” itself means “thing” in English, e.g. “the Thing of all Swedes” and is ultimately of the same root and the same as “Reich.”

The word “thing” back then had the meaning of a rule of law, and even to this day there is a Swedish tingsrätt, a corrupt and self-serving court system of activist bench legislation and bench trials without a jury, where the judges impose a preordained outcome on defendants who were already tried and convicted in secret by a village or town council of aldermen or elders — you could call it a sanhedrin if the Swedes were Jews — vaguely similar to a grand jury indictment in the U.S., but the defendant is then found guilty as charged on all counts with a trial on the particulars of the matter, and punished as directed by the charging council.

Winter July 20, 2021 10:46 AM

@ADFGVZ
Thing, court justice is more alike latin tempest, time.

Etymology is a thing, and if you want to use it, you should get your facts straight. But facts are not your thing, I know.

Republic in the Roman sense has never been used in the same sense as Reich. When the Roman Empire was a thing, post Julius Caesar, it was not a Republic. The Republic had been destroyed by Caesar.

Winter July 20, 2021 10:57 AM

Autocorrect strikes again
“latin tempest” should be “latin [tempes]”

(With [] for clarity)

ADFGVX July 20, 2021 11:04 AM

@ Winter

Etymology is a thing, and if you want to use it, you should get your facts straight. But facts are not your thing, I know.

Facts don’t matter in court anymore in this day and age. The particulars of the matter are laid out beforehand as fiat in the charging documents by the U.S.D.O.J. and their foreign contacts and counterparts.

Republic in the Roman sense has never been used in the same sense as Reich. When the Roman Empire was a thing, post Julius Caesar, it was not a Republic. The Republic had been destroyed by Caesar.

Of course. That is precisely when the armed and voting citizens of the Roman Republic became the disarmed, disenfranchised, and silenced subjects of an autocratic Roman Empire, just like the Bible says.

[7] He was oppressed, and he was afflicted, yet he opened not his mouth: he is brought as a lamb to the slaughter, and as a sheep before her shearers is dumb, so he openeth not his mouth. [8] He was taken from prison and from judgment: and who shall declare his generation? for he was cut off out of the land of the living: for the transgression of my people was he stricken. [9] And he made his grave with the wicked, and with the rich in his death; because he had done no violence, neither was any deceit in his mouth. —Isaiah 53.

Clive Robinson July 20, 2021 11:10 AM

@ Hedo,

but you can’t teach me NOTHING

Oh the irony abounds…

Go back again and read what was actually written not what you’ld like to be writen.

You will find,

Yes, we DO have many flaws in America,

Is “current tense” where as the original question and reply were past tense and you should have realised a long time past tense by several centuries.

You might not like the historical facts, but they are held repeatedly in various peoples records the interpretation of which has been generaly held to be the case for several hundred years. Which suggests, you could be taught something… Or are you saying that only your current view point can be the accurate one?

Remember how you answer will define how others think of you, but I’ve a feeling with some you may well have burnt you bridges, needlessly.

Winter July 20, 2021 11:14 AM

@ADFGVZ
“Facts don’t matter in court anymore in this day and age.”

I do not care about the dysfunctional US court system or the Alt-right. Facts do matter in the real world.

@ADFGVZ
“That is precisely when the armed and voting citizens of the Roman Republic became the disarmed, disenfranchised, and silenced subjects of an autocratic Roman Empire”

That was a consequence of a prolonged civil war that had started decades before when the Gentry and rich senators grabbed power and founded an oligopoly. The result of the civil war was a dictatorship with the emperor at its head.

Historical parallels with current day countries are left as an exercise for the reader.

ADFGVX July 20, 2021 11:23 AM

@ Winter • July 20, 2021 11:14 AM

@ADFGVZ
“Facts don’t matter in court anymore in this day and age.”

I do not care about the dysfunctional US court system or the Alt-right. Facts do matter in the real world.

Oh. But nevertheless you do find it convenient to railroad your foreign agenda to ruin U.S. citizens and targeted individuals through the U.S. court system with falsified and forged “charging documents” from a council of elders. And all that matters in the real world is making yourself look good and putting your enemies in prison.

Winter July 20, 2021 12:10 PM

@ADFGVX
” Why should eye and hair color be listed on a driver’s license or other photo I.D. if these are not clearly visible in the photo itself?”

Because photos used to be black and white and the color in a color photography is unreliable. Therefore, you write down what is also in the photo so you can better identify the bearer as the rightful owner. Same with sex. Not every photo id shows a clear gender that corresponds to the sex.

But with biometrics, you can drop the sex, which can already be done in certain countries.

And your obsession with sex trafficking paints a dubious light on you.

Truth.is.stranger.than.fiction July 20, 2021 12:18 PM

Back to the topic of the original post which is cookie theft. New vulnerability just announced describing in further detail how these attacks are perpetrated.

https://www.bleepingcomputer.com/news/security/new-mosaicloader-malware-targets-software-pirates-via-online-ads/

Perhaps this is the real purpose of the print spooler and why the vulnerability hasn’t been patched in over a year.

Notice the map in the Bleeping post showing that these attacks are coming from India. This will be helpful to those interested in mitigating.

For those that don’t understand the seriousness of cookie theft. Cookies scrape credentials. All of the recent large scale attacks – including Microsoft itself, involve compromised credentials and privilege escalation.

People get mad at the NSA for their hacking tools being stolen. But that’s what is going on here. You cannot limit the use of dangerous tech. It always leaks to those that shouldn’t have it. But who gets to decide who deserves to have dangerous tech? Everyone will have a different definition of dangerous.

This reminds me of cigarettes. Everyone knew they were harmful, but they were everywhere and the biggest companies in the world made a lot of money. People smoked everywhere – in offices, on planes and in restaurants. Then literally overnight cigarettes disappeared.

David July 20, 2021 1:37 PM

Well at least they are honest about what they are:
From Wikipedia:
Candiru (Vandellia cirrhosa), also known as cañero, toothpick fish, or vampire fish, is a species of parasitic freshwater catfish

Jon July 20, 2021 3:57 PM

@ Truth.is….

This reminds me of cigarettes. Everyone knew they were harmful, but they were everywhere and the biggest companies in the world made a lot of money. People smoked everywhere – in offices, on planes and in restaurants. Then literally overnight cigarettes disappeared.

I seriously hope you’re being sarcastic about that, because the last sentence there is arrant fiction.

If you’re in the USA or the UK, visit any corner store and see what’s behind the counter. If you visit any 3rd-world country, look what’s being sold in singles from half the stalls in every market…

The big tobacco companies are still peddling cigarettes everywhere, but the growth markets aren’t in developed countries anymore – they’re everywhere else.

J.

Winter July 21, 2021 12:42 AM

@ADFGVZX
“you do find it convenient to railroad your foreign agenda to ruin U.S. citizens and targeted individuals through the U.S. court system with falsified and forged “charging documents”……”

Again, a comment devoid of facts and full of wishful thinking. You really detest facts, don’t you?

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.