On July 27, security experts at Microsoft said that an Austrian company was behind digital attacks on banks, law firms and strategic consulting agencies in at least three countries. family.
Microsoft’s blog post said that DSIRF, a Vienna-based spyware development company, designed malicious code called SubZero to track and steal login information and passwords from users. target’s device, through a zero-day exploit.
“To date, victims of the attacks reported include: Banks, law firms and strategic consulting agencies in countries such as Austria, the United Kingdom and Panama,” Microsoft said, without specifying. specify the identities of the victims.
Zero-day is a serious security vulnerability in software that is often exploited by hackers and spies, because these vulnerabilities remain active even after the software has been updated.
According to German news site Netzpolitik, DSIFR presents Subzero as a “next-generation cyberwarfare” tool, capable of taking full control of a target’s computer, stealing passwords and revealing the user’s location. .
Microsoft’s findings come as the US and Europe are considering tightening regulations on spyware suppliers, a growing global industry “hot” and attracting the following attention. The Pegasus spyware case developed by Israel’s NSO was used by governments to spy on journalists and political opponents.
“The industry seems to be booming,” Shane Huntley, senior director of the Threat Analysis Group at Alphabet (Google’s parent company), said in a meeting with the US House of Representatives on July 27.
Vinh Ngo (According to Reuters)