Police hold Israeli industrial espionage Trojan suspects

Sophos Press Release
Spyware. Image copyright (c) Sophos
Spyware allows remote hackers to steal confidential information from other PCs.

According to a Reuters media report, a married couple accused of developing a Trojan horse to spy on top Israeli companies have been placed in custody by the Israeli police.

Michael Haephrati, and his wife Ruth Brier-Haephrati, were arrested in May 2005 in London, accused of writing malicious spyware software which was bought by private investigators to help top Israeli businesses spy on their competitors.

The couple were flown into Tel Aviv last night after Britain approved their extradition. They are now expected to be interrogated by police involved in the major industrial espionage investigation.

Companies probed by the Israeli authorities in connection with the case include mobile phone operators, Cellcom and Pelephone, and satellite television provider YES. All firms have denied any wrong doing. The Trojan horse is said to have spied upon the Rani Rahav PR agency (whose clients include Israel's second biggest mobile phone operator, Partner Communications), and the HOT cable television group. Mayer, a company which imports Volvo and Honda cars to Israel is suspected of having spied on rival Champion Motors, who import vehicles made by Audi and Volkswagen.

At least 18 other people, including corporate executives, have been questioned by police investigating the case. A number of private investigators, said to have been clients of the Haephratis, have been indicted in connection with the investigation.

According to reports in the Israeli media, the Haephratis are said to have offered to testify against their alleged clients in exchange for a reduced sentence.

Last week, according to the media report, a programme on Israel's Channel Two television channel conducted a telephone interview with the Haephratis from the British prison where they were being held. The programme claimed that Michael Haephrati originally developed the Trojan horse as a joke, and then attempted to market it to Israel's defense agencies. Ruth Brier-Haephrati is said to have then decided alone to sell it to private investigators working for corporations.

"I take full responsibility for my mistakes," Ruth Brier-Haephrati is said to have told the TV channel. "Michael always told me, 'Don't do it. Don't get in touch with the investigators. I have a feeling they are misusing the system.'"

"Some people will raise an eyebrow in surprise that industrial espionage like that apparently revealed by this investigation is occuring, but this is just the tip of the iceberg," said Graham Cluley, senior technology consultant for Sophos. "Every business needs to ensure its defenses are in place to protect against spyware and other malicious attacks. The threat of written-to-order Trojan horses and hackers-for-hire is very real."

The Haephratis could face a jail term of five years if found guilty by an Israeli court, but the sentence could rise if it is shown sensitive data was stolen.

For more information about the latest trends in spyware, spam and viruses, read the in-depth Sophos Security Threat Management Report 2005:

Download "Sophos Security Threat Management Report 2005"

Sophos recommends that all computer users should ensure that they are running an anti-virus product which is configured to automatically update itself, security patches and firewall software.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.