Microsoft and Technology human rights group Citizen Lab said on Thursday, An Israel group sold a tool to hack into Microsoft Windows.

The hacking tool vendor, named Candiru, created and sold a software exploit that can penetrate Windows, one of many intelligence products sold by a secretive industry that finds flaws in common software platforms for their clients.

Evidence of the exploit recovered by Microsoft Corp (MSFT.O) suggested it was deployed against users in several countries including Iran, Lebanon, Spain and the United Kingdom, according to the Citizen Lab report.

“Candiru’s growing presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse,” Citizen Lab said.

Microsoft fixed the discoverd flaws on Thursday through a software update.

Candiru’s tools also exploited weakness in other common software products, like Google’s Chrome browser.

On Wednesday, Google released a blog post where it disclosed two Chrome software flaws that Citizen Lab found connected to Candiru.

Google did not refer to Candiru by name, but described it as a “commerciy surveillance company.”

Google fixed the two vulnerabilities earlier this year.

Cyber arms dealers like Candiru often chain multiple software vulnerabilities together to create effective exploits that can reliably break into computers remotely without a targe’s knowledge, computer security expert say.

Those kind of covert systems cost millions of dollars and are often sold on a subscription basis.

Leave a Reply

Your email address will not be published. Required fields are marked *