Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue deployed using now patched Windows zero-day vulnerabilities.
Candiru is a secretive Israel-based company that sells spyware exclusively to governments, Citizen Lab explained in a report published today. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts.
Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure and internet-connected devices, Microsoft added. These agencies then choose who to target and run the actual operations themselves.