Israel: Where Malware, Spyware, and Worse Are Legal

Harden your phone and computer against Google and all ad networks, or you are a sitting duck for Jewish spies and malware.

We’re being monitored. It’s a universally acknowledged truth about this digital age. Unless you use a de-Googled phone and computer, and assiduously use ad-blockers, VPNs, and end-to-end encrypted messengers, technology firms and advertisers know almost everything about us: where we are, what we buy, which apps we download and how we use them, our search histories and past purchases, a thousand things we like or don’t like, even our sexual orientation, political views, and family connections. In theory and sometimes in law, the world of ads and the data behind them is meant to be anonymous. But the tracking is so “good” now that it’s often trivial for these firms and their friends in the government to know exactly who we are, even if they’re not supposed to do that.

And now Israeli tech firms — and in Israel, “offensive technology” like this is perfectly legal — have taken it several steps beyond, packaging ultra-intrusive malware right into ad images. This malware tracks your every move, steals your financial and personal information, sees and listens to you, and can even set you up for an assassination by the Mossad or another hostile agent.

We’ve all been there. We read the post of a friend who just got back from vacation, and a few hours later an ad for a hotel pops up on our screen, and similar ones hound us for days, following us across Web sites and social media — but few of us have any idea how or why this happens.

Whenever we open an application or a Web site on our phone, without our noticing, a rapid process of mass negotiation takes place, and a complex and aggressive market embodying the whole economy of the Internet plays out: In a split second — a fraction of the moment that elapses until the page we want opens — an automatic bidding process occurs between hundreds of thousands of different advertisers.

And some have the ability to take advantage of that fraction of a second to perform a much more malicious mission: to send people a distinctive, seemingly innocent, ad that contains advanced spyware. Though the ad looks completely standard, it is in fact a cyberweapon that is capable of infiltrating our phone or computer.

In the past, it was believed that only state intelligence organizations had this capacity.

But this new technology is now available for any purchaser who can come up with the requisite millions to pay the Israeli firms, or “European” or “American” firms under Jewish/Israeli control. There are a few (meaningless, to us) weak restrictions preventing Israeli tech firms from selling such technology or services to “undemocratic” regimes, but such companies are notorious for having subsidiaries or affiliates, or suddenly having “new headquarters” in other countries whenever needed to get around such laws.

During the “pandemic,” certain tools were developed and deployed to “track the spread of the virus” — really to track everyone’s movements, encouraging and enriching a new and disturbing cyber and espionage industry in Israel. A number of Israeli firms have developed technologies that are capable of exploiting advertising to collect data and monitor citizens. Hundreds of thousands — if not millions — of people can be monitored in this way.

A small group of Jewish-owned companies have taken things a step further: They have created technology that use ads for offensive purposes and injecting spyware. As millions of ads compete for the right to penetrate our screens, Israeli firms are clandestinely selling technology that transforms these ads into tools of surveillance — or even into weapons that are capable of penetrating our computers or phones.

One of these companies is Insanet. As its name suggests, it possesses “insane” capabilities, according to sources in the industry. Founded by a number of well-known entrepreneurs in the fields of offensive cyber and digital intelligence, the company is owned by former ranking members of the Israeli defense establishment, including a past head of the Jewish state’s National Security Council, Dani Arditi. The company has developed technology that exploits ads both for tracking and for infection. It’s not by chance that the company has named their product Sherlock.

The company’s personnel also succeeded in obtaining authorization from the Defense Ministry to sell their technology globally. Insanet has already sold the capability to one country that, according to Haaretz, “is not a democracy” — as if that matters, as many of the worst perpetrators of oppression of racially conscious Whites are so-called “democracies.” This is the first case in the world where a system of this sort is being sold as technology, as opposed to a service.

Another Israeli firm, Rayzone, has developed a similar product and this year received approval in principle to sell it to its clients in Western countries, though in practice this has not happened yet.

Currently there are no defenses against these technologies, and it’s not clear whether they can be blocked at all.

This is a perfect example of what is referred to as “surveillance capitalism”: how information collected for commercial ends is exploited by states and so-called NGOs for intelligence purposes and morphs, with a little help from Israeli high-tech entrepreneurs, into a weapon against private citizens.

Ads we see on our smartphones and computers are anything but random: Jewish-owned Google and its “competitors” know a great deal about us and can, for instance, geolocate us down to street level — if not to within a few meters — and crossmatch the information with our search history.

Digital advertising has become a behemoth economy of hundreds of millions of dollars, thousands of companies, and tens of thousands of types of services for collecting, analyzing, segmenting, and optimizing data for targeting. Referred to collectively as “AdTech,” a vast secondary economy has also sprung up around digital advertising for mobile devices and the applications that run on them, in which advertisers compete for our screen time in complex and automatic bidding processes fed and informed by our data.

“In a certain sense, Google and Apple created an espionage market,” explains a person in the industry, referring to the two companies whose operating systems power most smartphones. “They just hoped that people wouldn’t understand that the information that advertisers collect can also be intelligence gold. Another way to think of it is that Apple and Google are themselves a type of espionage firm. There are simply some who know how to exploit that.”

In light of its potential sensitivity, advertising information, especially information related to our smartphones, is supposed to be anonymous. Every smartphone has a unique advertising ID number, which ostensibly is impossible to crossmatch with our phone number or our name. The aim is clear: to prevent ad data from being used to spy on people, and not allow advertisers to exploit our private information. The European Union’s digital privacy law, known as GDPR (General Data Protection Regulation), prohibits this explicitly. It would foolish to assume that these rules are being scrupulously obeyed, however.

But even anonymous information that is compliant with such privacy laws can be extremely valuable from an intelligence perspective. For example, with the aid of advertising technology, it’s possible to digitally mark all the cellphones belonging to people who passed through a particular airport at a specific time. First, all the ad-IDs of devices that were in the airport are collected. That’s a simple operation: Each time we pick up our phone and open an app that displays ads (or do the equivalent on our computers, especially if we use Gmail or any other Google product), the phone transmits where we are to the advertisers in order to improve the effectiveness of the ads they send us. Mapping these identifiers creates a list of people who were in the airport at a certain time. The advertisers may not know the names of these people, but they can be profiled as part of a target audience — which can be continuously targeted. They are bombarded with ads, and through these ads, their dispersal across the world can be tracked.

This is how, in the shadow of the coronavirus crisis, a new industry of mass AdInt (“advertising-based intelligence”) came into being. A company founded by Eric Banoun, one of the pioneers of offensive cyber in Israel, offered the Shin Bet security service an ad-based surveillance and monitoring service. As Gur Megiddo reported in The Marker, the idea was to reverse-engineer information about users in large ad networks for intelligence purposes. In this case, the aim was to engage in mass monitoring supposedly to “track the spread of the pandemic.”

The firm is called Intelos and its product is called AdHoc. It’s marketed to law enforcement agencies and business clients alike. The company’s products are, laughably, “not considered to be security-related” by the Israeli government and are therefore not regulated. There’s a whole industry of similar companies in the Jewish state.

Anonymous geo-surveillance via ads is not currently under Israeli Defense Ministry supervision — with excuse being that it’s based solely on proprietary information that can be acquired commercially. However, these technologies can also be used for “security aims,” such as for surveilling “suspected targets” by customers — or by Jewish groups — in any country. One can imagine, for example, an advertising campaign that is geared toward an audience of nuclear scientists of Iranian origin between the ages of 35 and 65 who passed through the airport in Tehran over the past year; or attendees at a pro-White conference. After these individuals are profiled and receive the first ads, they can continue to be targeted over time; the technology can pinpoint where they traveled and when.

The Israeli firm Cobwebs, which specializes in “open source intelligence,” offers technology that can locate a mobile device. The company illustrates this capability through a potential target in Iran, where one can see how the program tracks the target’s movements on the street.

These examples underscore the unique intelligence value AdInt posses: Whereas most types of digital intel and offensive cyber are based on direct access to information, networks and infrastructures — data that many wrongly believe only a state possesses (really, even Google knows more than many state actors) — AdInt is based on information that is considered “open” and that can be located from sources that are considered commercial. In this case, they are just fused together for Jewish or customer objectives.

The information can be acquired from difference proprietary databases — for example those linked to advertisers or DSPs — or by more devious methods. In order to find someone’s location, for instance, you don’t need anything more than the information that’s accessible through the cellular ad exchange or a database of home computers interacting with Google products.

For this reason, companies in this field are generally connected to ad firms. In some cases they actually operate an ad firm of their own or work with one, which provides both a cover for their intelligence activity and access to the information they need.

There are a number of Israeli firms that are offering intel of this sort to many different kinds of clients. One such company is Rayzone, which is considered a pioneer in the field and actually coined the term AdInt. Its product, called Echo, is not under state supervision because it too makes use of information that is considered open. It’s sold to private bodies, but an official Israeli body also showed interest in purchasing it for the purpose of attempting to surveil Palestinians in Israel.

Other companies offer similar products. One of them, Bsightful, markets its capabilities to those in the private advertising world. According to sources in this field, the company’s activity is based on cross-matching browsing data and other sources of commercially available information that can be purchased, mined, or otherwise extracted from the web. The company was acquired by another cyber firm, Cognyte, which offers similar capabilities — but to states and armed forces. In other words, the same information and the same technologies, only with different uses: one commercial, the other for intel.

But some of these Jewish companies don’t make use of ads only for surveillance. They go a step further, creating tools that use ads to penetrate phones and computers.

How does this work? An advertising profile for the target audience is compiled. After that, an ad campaign tailored to the audience is created, and it is bombarded with ads, thus allowing mass geo-surveillance. Next, the spyware or malware is placed into a campaign. With the aid of an advertiser or an ad infrastructure, the infected ad is uploaded and the target receives the ad and the malicious code infiltrates the device.

The most advanced capabilities, which have been reported in recent years and have drawn severe criticism, are those that were developed by Israeli firms such as NSO and Candiru. With the aid of their spyware, of which the best known is NSO’s Pegasus, devices like iPhones can be breached via zero-click exploits — in other words, a person’s device is infected without them knowing about it or even taking any action.

Numerous Jewish/Israeli cyber companies have tried in recent years to develop the offensive technology that exploits ads not only for surveillance but also for spyware infection. Indeed, the past five years have seen an arms race among them, in which companies such as Candiru, Paragon, Nemesis, Quadream, and NSO have taken part.

Insanet was founded in 2019 by two groups of entrepreneurs. The first, composed of veteran cyber entrepreneurs, among them Ariel Eisen, Roy Lemkin, and Dani Arditi, came up with the necessary investment. The three, who are known as marketers of companies such as NSO (in the past) and Paragon (currently) in Western Europe and in Asia, enjoy “stellar” ties with intelligence and security bodies in Israel as well as in those parts of the world.

The second group consisted of young entrepreneurs, some of them with a background in Israel’s military cyber units, who supplied the idea. Before Insanet, they founded an ad-tech company, which they sold several years ago.

Drawing on the experience the latter group had acquired both in the Israeli defense establishment and in the advertising industry, they developed Sherlock, a tool that exploits the ad system to hack computers and cellular devices.

To market the product, the company examined possible cooperation with other offensive cyber firms. A Candiru marketing document from 2019, which was revealed in 2020 by Amitai Ziv in The Marker, offered Sherlock to a potential client along with the company’s PC spyware.

The document showed that this was a very expensive capability: The use of Sherlock for an infection would cost the client an extra 6 million euros ($6.7 million).

The document also revealed that Sherlock could breach Windows-based computers as well as iPhones and Androids. Until now, different companies have specialized in breaching different devices. Candiru focused on PCs, NSO could hack iPhones, and its competitors specialized in Androids. But with this system, as the documents show, every device could effectively be breached.

“This is a very dangerous new development,” explains Donncha Ó Cearbhaill, who heads the Amnesty Tech Security Lab, the human rights group’s technological unit. “The described capability could allow attackers to target individuals based on demographic and behavioral characteristics collected by ad networks [and thus] target people from a specific ethnic group or retarget individuals who have visited an independent media website critical of the government.”

Despite concerns, Insanet’s product was sold legally, with the authorization of the State of Israel. The company initially received a relatively wide go-ahead from the Defense Ministry. After an outcry, a few tame restrictions were put on its for-profit export. You may be sure that ethnically- and ideologically-driven anti-White Jewish groups continue to have full access, however.

A little less than two years ago, Israel decided to (publicly, at least) “accede to US pressure” to rein in the offensive cyber industry. From a list of more than 100 potential client countries, export of cyberarms was now permitted to slightly less than 40, most of them in the West. Really, this means next to nothing, as it only denies the technology’s use to non-US-aligned states, and anti-White “Western” states can still use it at will against their own citizens.

The move caused some Israeli firms to “shut down” — but in reality they merely relocated and dozens of Israelis were incentivized to relocate to Europe and the US and Asia. One such firm is Defense Prime, which is based in the United States but is owned by Israelis. The company recruited Israeli cyber personnel this year, including from the defense establishment itself.

Some of these firms started to change their business model and switched to trading not in spyware, but in “exploits” (the actual ploys employed to hack devices) and vulnerabilities. They have banks of various breaches ready for sale to firms like NSO and others, which the spyware needs in order to go on infecting devices, even after earlier breaches are blocked. A number of companies offer such wares and operate from Singapore, Italy, Spain, and the US, and employ top Israelis in senior positions.

* * *

Source: based on articles on Haaretz and Hacker News, edited by National Vanguard correspondents