According to Microsoft, Austria-based firm DSIRF is the main perpetrator behind the spyware targeting law firms, banks and strategic institutions in at least three countries.
On July 27, Microsoft security researchers claimed that Austria-based DSIRF is behind a digital spyware program used to attack law and bank firms.
DSIRF designed the spyware, dubbed ‘Subzero’ and used to spy on targets’ devices. According to Microsoft, the software uses zero-day exploits to access private data, such as personal information and account credentials.
“Observed victims include law firms, banks, and strategic consultancies in countries such as Austria, the United Kingdom and Panama”, Microsoft said. The victims were not identified. Based in Vienna, DSIRF did not answer back to the emails and telephonic requests for a statement.
No false flags
Some companies deploy tools to ‘pen test’ an environment and assess its defences against an attack. Sometimes, security researchers find indications of malicious activity on devices that, in reality, originate from legal pen tests.
“Microsoft’s interaction with a victim confirmed they had not consented to red teaming and malware deployment, and confirmed it was unauthorized activity”, said Microsoft’s Cristin Goodwin, who authored the report.
Spyware ‘appears to be thriving’
According to a report by the German news site Netzpolitik, the DSIRF presents Subzero as the ‘next generation cyber warfare’ tools. It can access passwords to hijack devices and reveal user locations.
Spyware vendors face increasing regulations in the US and Europe. Research by the European Union proves that ‘Pegasus‘ spyware, developed by NSO Group, was purchased by EU member states for government purposes.
The Senior Executive Director of the Threat Analysis Group at Alphabet (GOOGL.O) commented to a US Houe of Representatives committee that the spyware industry “appears to be thriving”.