Another Israeli Exploit Developer Caught Selling Malware To Blacklisted Countries

from the quite-the-cottage-industry-you-got-there dept

Maybe it’s time for the Israeli government to put a moratorium on Mossad-based startups. Israeli intelligence services have been the petri dishes for a particular strain of techbro — ones who have the smarts to create zero-click exploits but none of the common sense needed to cull baddies from their customer lists.

The Israeli government is partly to blame. It worked closely with NSO Group (and presumably others in the same business) to broker deals with human rights abusers: diplomacy via malware sales.

Months of negative press got NSO blacklisted by the US government. It also got it investigated in its homeland, finally resulting in the Israeli government (reluctantly) limiting who the company could sell to.

NSO isn’t the only malware merchant with Israeli roots. Candiru — another recipient of US sanctions — calls Israel home. So does Cytrox, yet another exploit developer with ties to Israeli intelligence services. Cytrox was at the center of a recent domestic spying scandal in Greece, with its malware being used to target opposition leaders and journalists. This culminated in Greek police forces raiding Cytrox’s local office, presumably as part of the ongoing investigation.

Now there’s another Israeli spyware maker making the wrong kind of headlines, as Fanny Potkin and Poppy McPherson report for Reuters.

Israel’s Cognyte Software Ltd won a tender to sell intercept spyware to a Myanmar state-backed telecommunications firm a month before the Asian nation’s February 2021 military coup, according to documents reviewed by Reuters.

No matter who’s running the Myanmar government, they shouldn’t be trusted with powerful spyware. For most of the past 60 years, the country has been run by some form of military dictatorship. The 2021 coup simply reshuffled a bit of the military dictatorship organizational chart. Throughout this time period, residents (especially Muslim residents) have been on the receiving end of intense oppression. For Myanmar’s Muslims, oppression means death: ethic cleansing.

Given the fact that any malware sold to the Myanmar government was likely to be abused to target critics and political opponents, Cognyte never should have agreed to sell the government its products. That’s what it should have willingly decided to do because that’s just being responsible.

But there’s another reason Cognyte shouldn’t have done it: it had to violate the law to complete the sale.

The deal was made even though Israel has claimed it stopped defence technology transfers to Myanmar following a 2017 ruling by Israel’s Supreme Court, according to a legal complaint recently filed with Israel’s attorney general and disclosed on Sunday.

According to the documents seen by Reuters, the sale was finalized at the end of 2020, apparently with the assistance of regulator Myanmar Post and Telecommunications (MPT). Given its proximity to the beginning of the coup, it seems this was deliberately acquired for use by the military government, which decided to contest an election it lost in November 2020 by overthrowing the democratically elected government three months later.

The fact that this sale occurred after the government swears it no longer permitted sales to Myanmar presents two possibilities. Neither option is good.

Either the government never stopped handing out export licenses to tech companies hoping to sell to Myanmar’s government or Cognyte ignored the restriction and made the sale without the required export license. Given that the documents show Cognyte as the winning bidder, the company didn’t even bother to try to launder its illegal export through a middleman. Or maybe it was both: a “don’t ask, don’t tell” policy for malware sales to human right abusers.

Whatever the case, it’s another black eye for the Israeli government — one that has done little to prevent local companies from selling powerful tech to bad people. It’s also an indictment of its intelligence services, which seem capable of attracting extremely skilled people who somehow decide that the logical extension of the lessons they’ve learned securing their nation is abandoning any remaining morality or ethics once they hit the private sector.

Filed Under: , , ,
Companies: cognyte

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Another Israeli Exploit Developer Caught Selling Malware To Blacklisted Countries”

Subscribe: RSS Leave a comment

This comment has been flagged by the community. Click here to show it.

Anonymous Coward says:

Duuuuhhhhhhh. You know when they make unique infrastructure with modern digital borders (domestic infrastructure) you won’t have to do nearly as many security updates and the 1st world can enjoy the innovation.

I’m glad that this weeks mailchimps hacks used the word(s) “broken into twice”. The 3rd world can rot wiggling every door handle/port on TCP/IP and try to sell what they find.

I guess every century just learns “thats why you don’t mix with the 3rd world”. Their data sucks.

Moving all of that digital labor back to innovation is a 1st world problem :p

Anonymous Coward says:

They could start talking bitcoins for payment. Take the policy of we do not know and don’t want to know.

Just like when I used to run an under the radar VPN service associated with the online radio station I had.

Taking payments in Bitcoin only meant there was no date on who used my VPN.

Because I had it on Comcast business running out of my apartment and then later calweb when 100 megabit service beavailable fur a reasonable price, I flew under the radar because vpns are usually hosted in colocation centers and not a a connection running in someone’s apartment.

This allowed office users to use my VPN without being blocked. Bitcoin meant I did not have to worry about countries like China or Qatar where vpn usage without a license is illegal.

Bitcoin meant nothing could ever be tacved to me.

Live real time stats I could also see connections for high schools all over the USA and Canada going to Facebook and

My VPN used to get a workout during March madness when connections came in from corporate networks to get the gamesm

Once a user logged off, the went poof because I kept no logs. Once a user logged off all traces of their session disappeared.

School users and work users using my VPN did not break any laws in the USA.

Office drones who used my VPN to bypass company filters did norlt break any laws in the United States.

While it might have broken Canadian laws and British laws a some people in computer security newsgroups claimed, that did snot maatter. my server was was in the United States. I was not subject to the laws of any other countries.

The server was a n the USA, so only American laws applied server.

And because mg Bitcoin only meant there was no user data that could ever be subporaned. I was a true under the radar no log vpn.

I broke no laws taking steps to makebsute my users could never be identified or traced

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...