Summary

Israeli software maker Insanet has developed a commercial product called Sherlock that can infect devices via online adverts to snoop on targets and collect data about them for the biz’s clients. This is the first time details of Insanet and its surveillanceware have been made public. Sherlock is capable of drilling its way into Microsoft Windows, Google Android, and Apple iOS devices. Insanet received approval from Israel’s Defense Ministry to sell Sherlock globally as a military product albeit under various tight restrictions, such as only selling to Western nations.

To market its snoopware, Insanet reportedly teamed up with Candiru, an Israel-based spyware maker that has been sanctioned in the US, to offer Sherlock along with Candiru’s spyware.

The Electronic Frontier Foundation’s Director of Activism Jason Kelley said Insanet’s use of advertising technology to infect devices and spy on clients’ targets makes it especially worrisome.

There are some measures netizens can take to protect themselves from Sherlock and other data-harvesting technologies.

• not loading JavaScript
• using ad blockers or privacy-aware browsers
• not clicking on advertisements
• pass consumer data privacy laws