Hacker (illustration)
Hacker (illustration)iStock

Cybersecurity firm Eset said on Tuesday that technology sold by Israeli spyware company Candiru appears to have been used for a campaign of cyberattacks targeting high-profile Middle Eastern websites.

"We think it was a client of Candiru that carried out these attacks," Eset investigator Matthieu Faou told AFP.

Eset did not name the client, but pointed to an investigation by researchers at the University of Toronto that suggested in June that Saudi Arabia may have used similar techniques.

The offensive revealed by Eset used what are known as "watering hole" attacks, which add malicious code to legitimate websites that the targeted user is likely to visit.

Once the person visits the site, the code can then be used to infect their computer — potentially to spy on them or inflict harm in other ways.

Candiru, which is based in Tel Aviv, sells sophisticated spyware to governments. It has earned comparisons with NSO, another Israeli company that was engulfed in scandal this year over accusations that governments used its Pegasus technology to spy on rights activists, politicians, journalists and business executives.

The US Department of Commerce earlier this month added both Candiru and NSO to its list of entities "engaging in activities that are contrary to the national security or foreign policy interests of the United States."

"NSO Group and Candiru (Israel) were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers," the Commerce Department said in a statement.

"These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent. Such practices threaten the rules-based international order."