Meta has notified about 50,000 Facebook and Instagram users that they may have been targeted by seven private "surveillance-for-hire" firms.
"The global surveillance-for-hire industry targets people across the internet to collect intelligence, manipulate them into revealing information and compromise their devices and accounts," Meta Director of Threat Disruption David Agranovich and Head of Cyber Espionage Investigations Mike Dvilyanski said in a blog post Thursday.
"They provided services across all three phases of the surveillance chain to indiscriminately target people in over 100 countries on behalf of their clients."
The firms, which are based in Israel, India, North Macedonia and China, include Cobwebs Technologies, Cognyte, Black Cube, Blue Hawk CI, BellTroX, Cytrox and an unknown Chinese entity.
In total, about 1,500 accounts linked to the firms and their customers carried out some combination of reconnaissance, engagement and exploitation, according to Meta's threat report. Tactics described in the report included posing as graduate students, journalists, politicians, film and TV producers, and nonprofit and human rights workers, and tricking users into revealing personal information or installing malware.
In addition to banning the firms from its platforms for multiple community guidelines violations, Meta blocked related internet infrastructure, issued cease and desist letters and shared its findings with security researchers, other platforms and policymakers.
"Protecting people against cyber mercenaries operating across many platforms and national boundaries requires a collective effort from platforms, policymakers and civil society to counter the underlying market and its incentive structure," Agranovich and Dvilyanski added. "We believe a public discussion about the use of surveillance-for-hire technology is urgently needed to deter the abuse of these capabilities both among those who sell them and those who buy them."
The latest surveillance effort comes after Meta took legal action in 2019 against NSO Group, an Israeli firm that allegedly used Pegasus "spyware" to target journalists and world leaders via WhatsApp. Last month, NSO Group was blacklisted by the U.S. government.