Meta has warned that the use of spyware to indiscriminately target people – including journalists and activists – is a persistent threat because surveillance-for-hire companies continue to adapt and change tactics in the face of efforts to shut down their capabilities.
A report by Facebook’s parent company described efforts by the social media group to remove a number of firms, including two linked to Russia, one based in Israel, and an entity in China, all of which were alleged by Meta to have been used to “scrape” Facebook and Instagram for users’ private information in an attempt to compromise users’ accounts.
In one case, Meta said it removed more than 100 accounts on Facebook and Instagram linked to a company called Avalanche in Russia, which it said sold access to a platform that allows spying across the internet. Meta said a host of individuals and groups were targeted using the Russian network, from environmental activists, members of the media, NGOs in the US and politicians. Other companies that were removed from Meta platforms include a New York-based company called Social Links, which was originally based in Russia, and Cyberglobes, based in Israel.
At the same time, Meta acknowledged that other companies it sought to ban last year from its platforms after accusations that the groups’ software had been used to target thousands of users with malicious activity have tried to circumvent blocks on Meta’s platforms and updated their software to try to evade detection.
Nathaniel Gleicher, the head of security policy at Meta, said the company had sought to share information about threats with governments and other technology companies to mitigate the threat against users. But Gleicher also acknowledged that one big player in the social media industry – Twitter – no longer appeared to be available to accept information about such threats.
“Our key goal is to do everything we can to protect people. So we share our insights with our industry peers. Twitter is going through a transition right now and most of the people we’ve dealt with have moved on. As a result, we have to wait and see what they announce in these threat areas,” Gleicher told reporters on a call about the Meta report.
Forbes reported in November that Twitter’s security, privacy and compliance leaders all left the company less than two weeks after its acquisition by the billionaire Elon Musk.
Gleicher emphasised that no single company could tackle a “society-wide” challenge such as spyware. “They [spyware companies] are very ready to keep trying to come back, to re-establish their businesses,” Gleicher said.
Twitter was not available for comment.
Meta said some vendors of spyware used to target its users sometimes claim their software is intended to focus on criminals and terrorists, but Meta said its own threat research found that the software was used “regularly” to target “journalists, political opposition and human rights activists around the world”.
“These companies are part of a sprawling industry that provides intrusive software tools and surveillance services indiscriminately to any customer – regardless of who they target or the human rights abuses they might enable,” Meta said in its report. “In a sense, this industry ‘democratises’ these threats, making them available to government and non-government groups that otherwise wouldn’t have these capabilities to cause harm.”
In one case, Meta said it shut down a network of 900 fake Instagram and Facebook accounts operating from China, which appeared to focus on people in Myanmar, India, Taiwan, the US and China, including military personnel, pro-democracy activists, government employees, politicians and journalists.
Avalanche could not be reached for comment. Social Links and Cyberglobes did not immediately return requests for comment.
