Meta Boots 6 Private Spy Firms Off Its Platforms, Including the One Hired by Harvey Weinstein

Meta Boots 6 Private Spy Firms Off Its Platforms, Including the One Hired by Harvey Weinstein
Photo: Kelly Sullivan, Getty Images

A purge of creeps from some of the web’s most widely used social media platforms has just taken place — a welcome turn-of-events for some 50,000 people who may have been targeted, not to mention the rest of us.

Meta, parent company of Facebook and Instagram, said in an announcement Thursday that it had recently ejected six private surveillance companies from its platforms, along with a network of fake profiles being leveraged to conduct surveillance. These entities, Meta says, violated its Community Standards and Terms of Service, and “given the severity of their violations,” have now been banned from ever using the company’s platforms again. In a report published alongside the announcement, Meta officials provided details about the lengths it had gone to rid itself of the firms.

“We disabled seven entities who targeted people across the internet in over 100 countries; shared our findings with security researchers, other platforms and policymakers; issued Cease and Desist warnings; and also alerted people who we believe were targeted to help them strengthen the security of their accounts,” Meta said of its efforts to kick out the snoops.

In total, Meta said, it has alerted “around 50,000 people who we believe were targeted by these malicious activities worldwide.”

Several of the companies named in the report have been involved in visible privacy scandals. One of the firms, the India-based BelltroX, was previously caught up in allegations of “hack-for-hire” schemes deployed against journalists, environmental activists, politicians, and bankers. Another company, Cytrox, is a spyware manufacturer based in North Macedonia. On Thursday, researchers at Citizen Lab published a study detailing the company’s commercial malware, dubbed “Predator,” that is allegedly able to infiltrate phones in ways similar to the notorious NSO Group’s “Pegasus” spyware.

NBC reports that the rest of the companies on Meta’s shitlist — CobWebs Technologies, Bluehawk CI, Cognyte, and Black Cube — are all based in Israel, which is known as a hub for high-tech surveillance services.

Out of this bunch, Black Cube is probably the most notorious. The shadowy firm, staffed by former members of the Mossad and other Israeli intelligence elements, was infamously hired by Harvey Weinstein back in 2016 to spy on his sexual abuse victims, as well as journalists investigating claims made against the movie mogul. According to reporting by the New Yorker, these operatives were tasked with helping to “collect information … on dozens of individuals, and compile psychological profiles that sometimes focused on their personal or sexual histories.”

Meta says that it also disabled an “unknown entity” based in China — a network of some 100 fake accounts on Facebook and Instagram that appeared to have been engaged in “reconnaissance and social engineering activity before delivering malicious payload to its targets.” The network was likely being used by “domestic law enforcement in China,” the report claims.

Meta’s creep-purge comes at a time when both private industry and the U.S. government appear to be cracking down on the surveillance industry. This is a welcome turn of events since, in recent years, there’s been no shortage of evidence that such companies, while claiming to support legitimate law enforcement action, are often being hired out by wealthy and politically connected individuals as a means of targeting journalists, human rights activists, and pretty much anybody else they want to keep an eye on.

“While cyber mercenaries often claim that their services and surveillanceware are meant to focus only on criminals and terrorists, our own investigation, independent researchers, our industry peers and governments have demonstrated that targeting is indeed indiscriminate and includes journalists, dissidents, critics of authoritarian regimes, families of opposition and human rights activists. In fact, for platforms like ours, there is no scalable way to discern the purpose or legitimacy of such targeting,” the report concludes.