Microsoft Exposes Tactics Of European Mercenary Spyware Broker

As a Congressional hearing meets Wednesday to discuss private contractors selling espionage spyware, and Reuters issued new reports such spyware was used to target the European Union’s central lawmaking body, Microsoft is releasing details of a new campaign from an emerging contractor in the field.

“The NSO Group is the canonical example, but there are other companies included on the US Department of Commerce Entities List and a myriad of others that are selling these services that are not yet included on the List,” Microsoft’s Cristin Flynn Goodwin said in written testimony to the hearing.

The new threat detailed by Microsoft in a blog post Wednesday is Austrian contractor DSIRF. DSIRF has marketed itself in the past as a threat intelligence operation with “highly sophisticated techniques in gathering and analysing information, to support the decision-making” of a tech, retail, financial and energy clientele. In practice, the company has been linked to sales of espionage malware, with media reports the group has marketed its “Subzero” malware to the Kremlin.

The technical details behind Subzero had not been fully reported in the past. Microsoft says the group has been caught targeting “law firms, banks, and strategic consultancies in countries such as Austria, the United Kingdom, and Panama.” Microsoft contacted a victim that confirmed it had not hired penetration testing services from DSIRF.

“It’s important to note that the identification of targets in a country doesn’t necessarily mean that a DSIRF customer resides in the same country, as international targeting is

Read more

Explore the site

More from the blog

Latest News