According to Swedish digital rights group Qurium, an Israeli company called Bright Data helped the Philippines’ government carry out distributed denial of service attacks against a local human rights organization known as Karapatan.
In July, Qurium reported that the DOS attacks were carried out by the Philippine Army and Department of Science & Technology against media organizations that were critical of the government and also Karapatan. Last week, for example, Karapatan was hit with a series of DDOS attacks that were supposedly carried out to weaken its efforts to protest the killing of one of its members.
According to Qurium’s report, Israeli company Bright Data allegedly assisted in the deployment of the latest series of DDOS attacks. According to the company, most of the DDOS traffic that it detected came from Russia and Ukraine. It also detected action originating from servers located in the US offered by Digital Ocean and Choopa.
Qurium claimed that some servers used in the recent attacks were configured to use proxies that were provided by Bright Data. These proxy services can help speed up traffic, but they can also allow the monitoring of other people’s activities and could also lead to privacy abuses.
Qurium says the government that targeted Karapatan used a tech company called Bright Data to provide fast-changing IP addresses (up to 100 an hour) to the region to target Karapatan.
“At the beginning of our research, we speculated that this behavior could be the result of a ‘pay as you go’ stress-testing service that allowed a maximum of one hour attack time,” Qurium’s post states. “After several days monitoring the web site we could determine that the traffic patterns were the result of Luminati automatically rotating their residential and mobile proxies in an hourly basis.”
Luminati is the former name of Bright Data. Qurium asked Bright Data for an explanation and received the following comment:
“The IPs from the list you have attached (attaching it again) belong to Bright Data, however we did not find any of them in the requests that were sent to the reported domain.”
Bright Data claims to be an ethical organisation that vets all its customers and partners to ensure they use its services properly. So did another Israeli company, NSO Group, who is now facing allegations of helping with privacy abuse.
NSO Group, a leading Israeli spyware manufacturer, was accused by Amnesty International of turning a blind eye to the abuse of its spyware.