Facebook Says 50,000 Users Were Spied On By Surveillance Companies

Meta has banned surveillance-for-hire entities hailing from India, China, and Israel, and also deleted hundreds of Facebook and Instagram accounts.

Facebook says it has notified around 50,000 users that may have been targets of unlawful reconnaissance by surveillance-for-hire entities after conducting a comprehensive investigation. The lid on covert surveillance truly blew up this year, and at the center of it was a spyware named Pegasus that's developed by the Israeli firm NSO Group. The tool was used to spy on journalists, activists, and influential personalities across the globe. Interestingly, WhatsApp — the most widely used communication app on the planet that also happens to be owned by Meta — was among the targets of Pegasus’ surveillance activities.

The spyware also exploited vulnerabilities in Apple’s mobile operating system, extracting personal data of victims for years. Following investigations by cybersecurity experts, journalists, and Apple’s own internal team, the company sued NSO Group last month for illegal surveillance targeting Apple device users. Facebook took a similar similar action back in 2019 when WhatsApp filed a lawsuit against the shady company. However, it appears that the demons of felonious surveillance are not leaving Facebook in peace anytime soon.

The company, which now goes by the name Meta, says it alerting around 50,000 users that may have been victims of surveillance activities. Facebook says the victims of these “surveillance-for-hire” companies are spread across 100 countries. “We believe that a sophisticated attack may be targeting your Facebook account,” the warning sent to targets said. As a Tweet by David Agranovich, Meta's Director of Global Threat Disruption, shows, the warning also advises to remain vigilant before accepting friend requests and interacting with people they come in contact with on the platform. Additionally, the warning advises going through the service's privacy checkup process where they can review and strengthen account safety protocols. Earlier this year, Facebook revealed that data belonging to over half a billion users was scraped and put up for sale.

Another Spyware Raises Its Head

Meta says it has been investigating surveillance activities on its platform for a while, and after months of an investigation identified seven surveillance-for-hire entities that it promptly removed. The company claims to have blocked all internet-related infrastructure tracing back to these bad actors, banned them forever, and issued Cease and Desist letters against them. It has also released a detailed report titled “Threat Report on the Surveillance-for-Hire Industry” which says the surveillance-for-hire firms were spread across China, Israel, India, and North Macedonia. If the last name sounds familiar, that’s because it has also been linked to troll farms seeding misinformation to hundreds of millions of users, and making money from Google and Facebook’s ad business at the same time.

Among the names banned by Meta is a company named Cytrox, which developed the relatively lesser-known Predator spyware. According to a CitizenLab investigation, the Predator spyware was used to hack the phones belonging to a politician and a news anchor in Egypt in June this year. The spyware infected phones running iOS 14.6 and was dissipated through single-click links sent via WhatsApp. What’s scary is that the Predator spyware persists even after performing a reboot. Although even more surprising is that both Pegasus and Predator were active simultaneously on the same device. Apple has started its own investigation after receiving the necessary information from CitizenLab, while Meta has booted 300 Facebook and Instagram accounts linked to Cytrox. CitizenLab notes that corporate alliances, complex ownership structures, and frequent name change makes it difficult to investigate these surveillance-for-hire companies.