This espionage program, also Israeli and linked to Pegasus, infects the mobiles and computers of its victims to extract confidential information
The Candiru It is an Amazonian fish known to parasitize the gills of other fish and even the human urethra. Candiru is also the name of the second company of cyber espionage most powerful in Israel and responsible for the computer program with which the mobile phones of political leaders and activists have been infected independentistasguarded for years with this vampiric method.
The investigation published this Monday by CitizenLab, a technological research laboratory at the University of Toronto, reveals that four of the more than 60 Catalan targets were monitored with the tools of this company, described as a “piracy mercenary”. Its president and main shareholder, isaac zackis also one of the founders of NSO Group, manufacturer of the famous ‘spyware’ pegasus.
Candiru’s technology allows you to spy on Android mobiles, iPhone, Mac or PC computers and even in the cloud, having access to all kinds of private information of your victims. The company, whose structure is deliberately opaque, ensures that it can extract this information from applications such as Facebook, Gmail, Skype or Telegram, among others.
The Catalan victims
One of them is Joan Matamalabookseller and childhood friend of the ‘expresident’ Carles Puigdemont. Between August 2019 and July 2020, his mobile phone was attacked up to 16 times with Pegasus, the most well-known and used espionage tool, but also with Candiru. Matamala’s cell phone was analyzed by the CitizenLab forensic team.
Three other Catalans were spied on with this technology. Is about Xavier Vives Y Pau Escorichco-founders of the Vocdoni secure digital voting platform that omnium used for its internal elections. The third victim was Elijah Fieldadvisor to this platform, venture capital investor and member of CitizenLab.
In the same way that Pegasus does, the Candiru spyware infiltrated its targets’ mobile phones by exploiting system vulnerabilities or by sending emails with malicious links. To do this, the attackers posed as the Government of Spain with a message about covid-19, by the organization of the Mobile World Congress or by the Mercantile Registry of Barcelona. This identity theft is a common strategy.
Related news
The case of Elies Campo is especially revealing. The manufacturer of Pegasus assures that his software cannot ‘hack’ mobiles from the United States, something that Candiru does. Campo lives on the other side of the Atlantic, so he had to be monitored with this tool. Even so, his parents, residents in Spain and unrelated to political life, were watched by Pegasus.
Spain, on the black list
Last year, a Microsoft investigation together with CitizenLab detected at least 100 people spied on by Candiru in countries such as Israel, Palestine, Turkey, Armenia, Yemen, Singapore, Lebanon, the United Kingdom and in Spain, among many others. As with Pegasus, the victims of that espionage they are dissidents, journalists, activists, politicians and human rights defenders.