Microsoft Targets Sourgum Malware For Termination Following Cyberattacks On Politicians And Journalists

Just as there is a traditional weapons market, a private sector cyberweapons market enables people and organizations to attack anyone worldwide for a fee. Microsoft takes this threat seriously and is now working to fight the problem head-on.

Yesterday, Microsoft's Cristin Goodwin, General Manager for the Digital Security Unit, reported on a cyberweapon being manufactured by a group called Sourgum. This weapon was initially found by the Citizen Lab, at the University of Toronto's Munk School, after being used to attack "more than 100 victims around the world including politicians, human rights activists, journalists, academics, embassy workers and political dissidents."


After some research, Microsoft believes that Sourgum is "an Israel-based private sector offensive actor or PSOA," which the Citizen Lab has since identified as a company called Candiru. This company "generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets' computers, phones, network infrastructure and internet-connected devices," which is quite concerning for security reasons. As such, Microsoft has moved to analyze the Sourgum malware and protect people against it by publishing its research as well as pushing a Windows update to protect Windows customers.

This update prevents Sourgum's malware from working on already infected devices and prevents new infections on updated devices or devices that run Microsoft Defender. Thankfully, this is only one part of the equation, as Microsoft undertakes "broader legal, technical and advocacy work" to address the issues of PSOAs building and selling cyberweapons globally. Hopefully, Microsoft will continue to go after such companies, so stay tuned to HotHardware for updates on Microsoft's efforts.