HomeWinBuzzer NewsMicrosoft Threat Intelligence Center Points to Austrian Firm Selling Spyware

Microsoft Threat Intelligence Center Points to Austrian Firm Selling Spyware

Microsoft Threat Intelligence Center says Austrian company DSIRF is selling commercial spyware exploiting a Windows vulnerability.


According to the Threat Intelligence Center (MSTIC), a company in Austria has been selling that targets zero-day Windows flaws. In a technical blog post on Wednesday, the company says it has also given written testimony to a House Intelligence Committee hearing regarding the use of commercial spyware.

Microsoft tracks the Austrian provider as KNOTWEED, but the company's official name is DSIRF. It seems the developer created spyware known as Subzero that is capable o spying on activity across a system.

Customers who bought the spyware used it to target banks, law firms, and consultancy firms in the UK, Panama, and Austria. Microsoft Threat Intelligence Center says DSIRF was able to develop the spyware by taking advantage of a zero-day exploit in Windows and Adobe Reader.

However, the company points out it has since released a patch for the vulnerability.

On the surface, DSIRF positions itself as a company that helps corporations carry out risk analysis through accumulating business intelligence data. However, Microsoft says the company is nefariously selling spyware:

MSTIC has found multiple links between DSIRF and the exploits and malware used in these attacks. These include command-and-control infrastructure used by the malware directly linking to DSIRF, a DSIRF-associated GitHub account being used in one attack, a code signing certificate issued to DSIRF being used to sign an exploit, and other open-source news reports attributing Subzero to DSIRF.

Spyware Testimony

Microsoft says it has separately provided a written testimony document to the hearing on “Combatting the Threats to U.S. National Security from the Proliferation of Foreign Commercial Spyware,” held July 27th. In the testimony, the company discusses the rise of commercial spyware around the world:

“Over a decade ago, we started to see companies in the private sector move into this sophisticated surveillance space as autocratic nations and smaller governments sought the capabilities of their larger and better resourced counterparts,” the testimony reads.

“In some cases, companies were building capabilities for governments to use consistent with the rule of law and democratic values. But in other cases, companies began building and selling surveillance as a service … to authoritarian governments or governments acting inconsistently with the rule of law and human rights norms.”

Tip of the day: Is your system drive constantly full and you need to free up space regularly? Try Windows Disk Cleanup in extended mode which goes far beyond the standard procedure. Our tutorial also shows you how to create a desktop shortcut to run this advanced method right from the desktop.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News