Meta bans seven private surveillance groups for using Facebook to spy on people worldwide

Targets include journalists, dissidents, human rights activists and critics of authoritarian regimes and their families

Facebook's parent company Meta has banned seven "cyber-mercenary" groups from its platform following a months-long investigation which concluded that these groups were "indiscriminately" targeting people across the internet to collect intelligence about them.

Meta announced on Thursday that it had begun alerting some 48,000 people, including journalists, activists and dissidents across 100 countries that the company believes were targeted by the malicious activity.

The social media giant has also removed about 1,500 fake accounts across Facebook, Instagram and WhatsApp, which are linked to these companies.

Among the private surveillance companies that have been banned by Meta are: Cognyte, Cobwebs Technologies, Black Cube and Bluehawk CI - all of which were based in Israel.

North Macedonia-based Cytrox, Indian group BellTroX, and an unidentified entity in China also saw accounts linked to them deleted from Meta platforms.

On Thursday, researchers at Canadian cybersecurity organisation Citizen Lab accused Cytrox of selling spyware used to hack Egyptian opposition figure Ayman Nour's phone.

According to Meta, Cytrox operated about 300 accounts from its subsidiaries to spy for its customers that are based in numerous countries, including Germany, Saudi Arabia, Vietnam and the Philippines.

"The surveillance-for-hire industry …looks like indiscriminate targeting on behalf of the highest bidder," Nathaniel Gleicher, the head of security policy at Meta and co-author of the investigation report, said in a press briefing, further adding that the industry "is much bigger than one company".

Private surveillance firms usually claim that their services are only focused on terrorists and criminals, although Meta's investigation concluded that the targeting by these companies was indiscriminate and included journalists, dissidents, human rights activists and critics of authoritarian regimes and their families.

These firms collect intelligence from across the internet, and by compromising the devices and accounts of the people being targeted.

Many of them also sell intrusive software tools to their clients worldwide.

"Our hope is to contribute to the broader understanding of the harms this industry represents worldwide and call on the democratic governments to take further steps to help protect people and impose oversight on the sellers of ubiquitous spyware," Meta said.

Meta cybersecurity official David Agranovich said he hoped the move would "kick-start the disruption of the surveillance-for-hire market".

In a statement to The Guardian, Black Cube denied any wrongdoing or even operating in the "cyber world."

"Black Cube works with the world's leading law firms in proving bribery, uncovering corruption, and recovering hundreds of millions in stolen assets," it said.

Meta's fight with "cyber-mercenary" groups comes amid a wider move by American tech firms and the White House administration against suppliers of cyber espionage services, particularly the Israeli spyware firm NSO Group, which was blacklisted by the US government last month.

The government said at the time that the company's software had "enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists".

Meta is already suing NSO Group in a US court. The lawsuit came in 2019 after revelations that NSO's Pegasus spyware exploited a security flaw in WhatsApp to spy on a large number of users of the social messaging app.

Last year, Facebook accused the Israeli firm of using servers based in the US to spy on hundreds of WhatsApp users.

In November, Apple also sued the Israeli company for allegedly misusing Apple's services and products to place a hacking tool on the iPhones of certain users.

At least nine employees working for the US Department of State were hacked using NSO's spyware, according to Reuters.