Israeli Startup Sherlock Turns Online Ads into a Surveillance Tool

An Israeli IT company, Insanet, has developed a commercial product called Sherlock that, according to an investigation by Haaretz, can infect devices through online advertising to monitor users and collect data. This is the first time information about Insanet and its surveillance software has become public. Sherlock is capable of infiltrating devices running Microsoft Windows, Google Android, and Apple iOS.

Researcher Omer Benjakob emphasized, “This is the first time in the world that such a system is being sold as a technology, not a service.” Approval to sell Sherlock was granted by Israel’s Ministry of Defense, but with several restrictions, including sales only to democratic countries.

Founded in 2019, Insanet is owned by former military and national security professionals. Among the founders are former head of Israel’s National Security Council Dani Arditi, as well as Ariel Eisen and Roy Lemkin.

To promote its product, Insanet partnered with Israeli spyware manufacturer Candiru. The cost for a client to use Sherlock for hacking is around 6 million euros.

Concerns and Recommendations

Jason Kelley, Director of Activism at the Electronic Frontier Foundation, highlighted that Insanet’s use of online advertising technology makes the product especially dangerous, as attacks can be targeted at specific groups of people. He recommends legal regulation of data collection to prevent its use for surveillance purposes.

However, there is some good news: due to the high cost and other requirements, Sherlock is likely to pose minimal risk to most people.

As a precaution, it is recommended to use ad blockers, privacy-focused browsers, and to avoid clicking on ads.