Another Israeli Exploit Developer Caught Selling Malware To Blacklisted Countries
from the quite-the-cottage-industry-you-got-there dept
Maybe it’s time for the Israeli government to put a moratorium on Mossad-based startups. Israeli intelligence services have been the petri dishes for a particular strain of techbro — ones who have the smarts to create zero-click exploits but none of the common sense needed to cull baddies from their customer lists.
The Israeli government is partly to blame. It worked closely with NSO Group (and presumably others in the same business) to broker deals with human rights abusers: diplomacy via malware sales.
Months of negative press got NSO blacklisted by the US government. It also got it investigated in its homeland, finally resulting in the Israeli government (reluctantly) limiting who the company could sell to.
NSO isn’t the only malware merchant with Israeli roots. Candiru — another recipient of US sanctions — calls Israel home. So does Cytrox, yet another exploit developer with ties to Israeli intelligence services. Cytrox was at the center of a recent domestic spying scandal in Greece, with its malware being used to target opposition leaders and journalists. This culminated in Greek police forces raiding Cytrox’s local office, presumably as part of the ongoing investigation.
Now there’s another Israeli spyware maker making the wrong kind of headlines, as Fanny Potkin and Poppy McPherson report for Reuters.
Israel’s Cognyte Software Ltd won a tender to sell intercept spyware to a Myanmar state-backed telecommunications firm a month before the Asian nation’s February 2021 military coup, according to documents reviewed by Reuters.
No matter who’s running the Myanmar government, they shouldn’t be trusted with powerful spyware. For most of the past 60 years, the country has been run by some form of military dictatorship. The 2021 coup simply reshuffled a bit of the military dictatorship organizational chart. Throughout this time period, residents (especially Muslim residents) have been on the receiving end of intense oppression. For Myanmar’s Muslims, oppression means death: ethic cleansing.
Given the fact that any malware sold to the Myanmar government was likely to be abused to target critics and political opponents, Cognyte never should have agreed to sell the government its products. That’s what it should have willingly decided to do because that’s just being responsible.
But there’s another reason Cognyte shouldn’t have done it: it had to violate the law to complete the sale.
The deal was made even though Israel has claimed it stopped defence technology transfers to Myanmar following a 2017 ruling by Israel’s Supreme Court, according to a legal complaint recently filed with Israel’s attorney general and disclosed on Sunday.
According to the documents seen by Reuters, the sale was finalized at the end of 2020, apparently with the assistance of regulator Myanmar Post and Telecommunications (MPT). Given its proximity to the beginning of the coup, it seems this was deliberately acquired for use by the military government, which decided to contest an election it lost in November 2020 by overthrowing the democratically elected government three months later.
The fact that this sale occurred after the government swears it no longer permitted sales to Myanmar presents two possibilities. Neither option is good.
Either the government never stopped handing out export licenses to tech companies hoping to sell to Myanmar’s government or Cognyte ignored the restriction and made the sale without the required export license. Given that the documents show Cognyte as the winning bidder, the company didn’t even bother to try to launder its illegal export through a middleman. Or maybe it was both: a “don’t ask, don’t tell” policy for malware sales to human right abusers.
Whatever the case, it’s another black eye for the Israeli government — one that has done little to prevent local companies from selling powerful tech to bad people. It’s also an indictment of its intelligence services, which seem capable of attracting extremely skilled people who somehow decide that the logical extension of the lessons they’ve learned securing their nation is abandoning any remaining morality or ethics once they hit the private sector.
Filed Under: israel, malware, myanmar, spyware
Companies: cognyte
Comments on “Another Israeli Exploit Developer Caught Selling Malware To Blacklisted Countries”
This comment has been flagged by the community. Click here to show it.
Duuuuhhhhhhh. You know when they make unique infrastructure with modern digital borders (domestic infrastructure) you won’t have to do nearly as many security updates and the 1st world can enjoy the innovation.
I’m glad that this weeks mailchimps hacks used the word(s) “broken into twice”. The 3rd world can rot wiggling every door handle/port on TCP/IP and try to sell what they find.
I guess every century just learns “thats why you don’t mix with the 3rd world”. Their data sucks.
Moving all of that digital labor back to innovation is a 1st world problem :p
Re:
When you isolate people into the entities called countries, you create the conditions for politicians to start wars. Why else do you think Putin has exercised as much control over the Russian Internet as he has.
Re:
Oh fuck off with your idiot fantasy stories.
Motives
It’s dangerous to assume that the government of Israel actually cares about who the malware is sold to, so long as it will not be used against Israel.
Re:
The Israeli government probably doesn’t care if the malware is used against Israel, as long as it’s only used against the right parts of Israel (ie. the ones that don’t support the government).
Motives
(this didn’t seem to appear the first time; either fell into bitbucket or mod delay?)
It’s dangerous to assume that the government of Israel cares who malware is sold to, so long as it won’t likely be used against Israel.
Re:
Yeah idk what it is with the newer site but sometimes or many times, submissions do not post directly, and occasionally disappear entirely. Seems more frequent with mobile, maybe?
Re: Re:
Not mobile here. Just a delay while the Illuminati ok the post, I guess.
malware should be illegal
It should be illegal to sell malware – no matter who it is you are selling to.
Re:
How does that work under the 1st Amendment? Malware is just code, just like this blog is.
Re: Re: conspiracy to commit a crime
People have been convicted of conspiracy to commit a crime just for helping plan it. Selling code intended for criminal use is the same thing.
They could start talking bitcoins for payment. Take the policy of we do not know and don’t want to know.
Just like when I used to run an under the radar VPN service associated with the online radio station I had.
Taking payments in Bitcoin only meant there was no date on who used my VPN.
Because I had it on Comcast business running out of my apartment and then later calweb when 100 megabit service beavailable fur a reasonable price, I flew under the radar because vpns are usually hosted in colocation centers and not a a connection running in someone’s apartment.
This allowed office users to use my VPN without being blocked. Bitcoin meant I did not have to worry about countries like China or Qatar where vpn usage without a license is illegal.
Bitcoin meant nothing could ever be tacved to me.
Live real time stats I could also see connections for high schools all over the USA and Canada going to Facebook and
My VPN used to get a workout during March madness when connections came in from corporate networks to get the gamesm
Once a user logged off, the went poof because I kept no logs. Once a user logged off all traces of their session disappeared.
School users and work users using my VPN did not break any laws in the USA.
Office drones who used my VPN to bypass company filters did norlt break any laws in the United States.
While it might have broken Canadian laws and British laws a some people in computer security newsgroups claimed, that did snot maatter. my server was was in the United States. I was not subject to the laws of any other countries.
The server was a n the USA, so only American laws applied to.ky server.
And because mg Bitcoin only meant there was no user data that could ever be subporaned. I was a true under the radar no log vpn.
I broke no laws taking steps to makebsute my users could never be identified or traced
I am very thankful to you as your article has given me lots of ideas. I enjoyed a lot by reading this post. Thanks for sharing your blog.
http://www.theodorestapletonlaw.com/
It is a great spot to find new information. Your post is very knowledgeable and useful. Thanks for sharing.
https://www.bangzfamilysalon.com/