In recent months, Microsoft has been dealing with criticism from cybersecurity experts over handling the vulnerabilities. The company also recently gave written testimony to a House Intelligence Committee hearing over commercial spyware and cyber surveillance. The latest buzz around Microsoft is an Austrian company that used Windows exploits for creating and selling spyware. According to a blog post by Microsoft’s Threat Intelligence Center (MSTIC), the Austrian company is known as DSIRF and has been under-tracking with the codename KNOTWEED.
Microsoft caught an Austrian company that was selling spyware
The DSIRF has made a spyware called Subzero. This spyware targeted law firms, banks, and consultancy firms in the UK, Austria, and Panama. The company was using some unknown Windows exploits, including a zero-day privilege escalation exploit for Windows and an Adobe Reader remote code execution attack. Of course, Microsoft says it has patched these vulnerabilities in recent security update. DSIRF claims it is working with multinational corporations over risk analysis and collecting business intelligence. However, Microsoft insists that the company has created and sold spyware for unauthorized surveillance. “MSTIC has found multiple links between DSIRF and the exploits and malware used in these attacks. These include command-and-control infrastructure used by the malware directly linking to DSIRF, a DSIRF-associated GitHub account being used in one attack, a code signing certificate issued to DSIRF being used to sign an exploit, and other open-source news reports attributing Subzero to DSIRF,” Microsoft noted in its blog post. This news comes right after Microsoft wrote a testimony document to the House Intelligence Committee. The hearing held for “Combatting the Threats to U.S. National Security from the Proliferation of Foreign Commercial Spyware.” In the testimony document, Microsoft mentioned the role of private sector players in creating and distributing unregulated commercial spyware. The repressive regimes around the world are huge fans of spyware. “In some cases, companies were building capabilities for governments to use consistent with the rule of law and democratic values. But in other cases, companies began building and selling surveillance as a service … to authoritarian governments or governments acting inconsistently with the rule of law and human rights norms.” Microsoft wrote in its testimony.