After the world discovered Pegasus, one of the most powerful spyware programs in recent years, a new Israeli company, Insanet, is now marketing another very powerful spyware: Sherlock. Unlike Pegasus, which exploits devices’ vulnerabilities, Sherlock uses advertising networks to secretly infiltrate the target’s device.
This spyware was created to be a cyber weapon. In fact, Insanet has received authorization from the Israeli government to sell Sherlock to the whole world as a military product. Thus, it’s interesting to wonder whether this type of software is a real tool in the service of national security or an actual threat to the population…
What is the technique used by this new spyware to infect devices?
Sherlock uses targeted advertising on websites to infect computers, tablets, and smartphones. Targeted advertising is an advertising technique that aims to identify people individually in order to deliver specific ads based on their characteristics. Cookies in particular make this possible.
More specifically, Sherlock spyware uses programmatic advertising. This type of advertising automatically organizes a sort of auction in real time, in a fraction of a millisecond, to allocate advertising space to advertisers on websites. The spyware Sherlock arranges to win the auctions that determine which ads are displayed, in order to display its own on the victim’s screen. The only problem is that the ad displayed by Sherlock is fake, concealing the powerful spyware. The targeted person will click on the advertisement without suspecting that it is fake, and Sherlock will infect the user’s device to spy on them.
This spyware has surveillance, capturing and data transmission capabilities, and probably even more powers…
A danger to democracy?
Sherlock spyware was created for espionage purposes to protect national security and defense. Indeed, national security and criminal activities may justify the exceptional use of this type of spyware. Sherlock can collect all kinds of personal data, such as connection information, devices’ IP addresses, the users’ Internet habits and geolocation data. This method of spying may seem particularly effective in the fight against terrorism, for instance.
However, an investigation by the Israeli national newspaper Haaretz reveals that Sherlock has already been sold to at least one non-democratic country. This spyware could be a way of massively monitoring the population. The risk of using Sherlock spyware is that it compromises fundamental rights such as freedom of expression and the right to privacy. This tool can very quickly be used to collect personal information in order to intimidate political opponents, silence media criticism or manipulate elections. For example, Sherlock can be used to spy on the computer of an opposition party candidate in order to obtain compromising documents that will discredit him in futures’ elections.
Furthermore, this spyware is legally permitted to be sold to a wider audience, which puts almost everyone at risk.
How can you protect yourself?
Pegasus spyware only works on smartphones running Apple IOS and Android, whereas Sherlock can bypass the security systems of Apple, Android and Microsoft too. It can infect smartphones as well as tablets and computers. This is what makes it so powerful, and the fact that it uses targeted advertising means that it can bypass security corrections. There is currently no real protection against Sherlock.
However, the cost of a Sherlock infection is estimated at over six million euros, making its use fairly rare. Moreover, the sale of Sherlock spyware to potential customers in the West is highly restricted and regulated. A specific license, issued by the Ministry of Defense, is required.
To avoid infection by this type of software, it is advisable to use anti-virus software, ad blockers, a privacy-focused browser, to refuse cookies on websites and to avoid clicking on malicious adverts.
Julie FREIERMUTH
M2 Cyberjustice – Promotion 2023/2024
Sources :
https://windows.atsit.in/fr/18283/
https://www.theregister.com/2023/09/16/insanet_spyware/
https://www.scientificamerican.com/article/online-ads-can-infect-your-device-with-spyware/