Meta takes down accounts of spyware vendors from U.S, Russia, China, Israel and India

Cyber Warfare Asia
2 min readJan 18, 2023


Facebook’s parent company “META” said that they had taken down accounts from number of vendors from U.S, Russia, Israel, China and India, which targeted people in almost 200 countries and territories.

The social media giant warned in their report that the spyware and surveillance-for-hire industry “indiscriminately” targeting journalists, activists, and political opposition has become a growing threat globally to collect intelligence and manipulate information from their devices.

Facebook’s parent company “META”

Meta took down 130 fake accounts on instagram and facebook linked to Israeli spyware developer Candiru that used fake accounts to test phishing capabilities to send malicious links.

Another set of 250 accounts were removed that were linked to another Israeli firm Quadream. Both of the firms Candiru and Quadream were founded by the employees of NSO Group, a controversial cyber intelligence firms that were known for selling their spyware to governments against human rights activists.

NSO Group ‘s famous Pegasus spyware were used by UAE and Saudi Govt to target Qatari journalist and human rights activists of their respective country. However, NSO came in limelight for its offensive activities and various lawsuits were filed against them. Its shell companies like Candiru and Quadream now serving in Middle East region.

In another case, Meta removed 900 fake social accounts by a Chinese firm targeting military personnel, journalist and politicians in Myanmar, India, Taiwan, the U.S., and China.

Another spyware vendor Indian hack for hire firm CyberRoot Risk Advisory created 40 fictitious accounts that impersonated journalists, business executives, and media personalities. They have used a marketing tool called Branch to create, manage and track the delivery of phishing links.

Last year Meta banned Indian hire industry BellTrox and removed its 400 accounts. Previously, CitizenLab and Reuters have also disclosed the information about Belltrox’s hacking activities that the techniques adopted by them includes phishing attacks and impersonation of persons, which they used to either hack into devices or get access to private data or deceive people into sharing their private data.

Other companies that were tracked down by Meta were Russia-based Avalanche, New York-based social Links that was originally from Russia, and Israeli-based Cyber Globes.

The above Asian spyware vendors discussed above depicts that Asian countries are evolving in terms of cyber technologies now more than ever.

** Both CyberRoot Risk Advisory and BellTrox’s founders were the students of Indian training institute who focused on training in niche technology like cyber security, robotics, programming etc.We have specifically omitted name of the training institute name from which the above stated Indian cyber actors learnt cyber training as it has filed legal complaints against many global media houses. Reportly, a case has been filed by the training institute for using its name and won that case.



Cyber Warfare Asia

Providing news related to state sponsored cyber warfare in Asia