LEBANON - Israeli Firm Behind Cyberattacks

Arno Froese

A zero-day vulnerability in Google’s Chrome web browser was discovered on July 1 when it was used to target journalists in the Middle East, according to cybersecurity company Avast. The majority of the attacks took place in Lebanon. 

“Based on the malware and TTPs used to carry out the attack, we can confidently attribute it to a secretive spyware vendor of many names, most commonly known as Candiru,” Avast wrote.

Also known as SAITO Tech, Candiru is an Israeli technology company that engages in cyberespionage, often for governmental clients. The company has been blacklisted by the US government for its behavior that was allegedly harmful to national security.

In addition to Lebanon, the attacks occurred in Turkey, Yemen and the Palestinian territories. Avast claimed that Candiru returned with an updated set of tools in March after a period of minimal activity dating back to July 2021, when its activity was exposed by Microsoft and CitizenLab. 

By using the zero-day vulnerability that could not be detected by the browser, the attackers compromised websites and created sites specifically for their purposes, Android Police described. Users fell victim to the ploy simply by opening one of these sites. 

-www.jpost.com, 25 July 2022

Arno's Commentary

It seems that only computer technicians and scientists understand the full implication of these developments. Another website, thehackernews.com, writes: “Czech cybersecurity firm Avast linked the exploitation to Candiru (aka Saito Tech), which has a history of leveraging previously unknown flaws to deploy a Windows malware dubbed DevilsTongue, a modular implant with Pegasus-like capabilities.” 

What we do know is that, in the end, Satan will perform amazing things, as we read in 2 Thessalonians 2:9: “Even him, whose coming is after the working of Satan with all power and signs and lying wonders.”

How does this relate to the Israeli Candiru cyber-espionage? The simplified answer is that it is beyond our comprehension, yet scientifically very real. Not surprising that the Windows malware is named “DevilsTongue.”

For believers, it is comforting to read verse 8: “And then shall that Wicked be revealed, whom the Lord shall consume with the spirit of his mouth, and shall destroy with the brightness of his coming.”

Arno Froese is the executive director of Midnight Call Ministries and editor-in-chief of the acclaimed prophetic magazines Midnight Call and News From Israel. He has authored a number of well-received books, and has sponsored many prophecy conferences in the U.S., Canada, and Israel. His extensive travels have contributed to his keen insight into Bible prophecy, as he sees it from an international perspective.

Read more from this author

ContactAbout UsPrivacy and Safety