​
[ ](https://preview.redd.it/80nliptpc5081.png?width=728&format=png&auto=webp&s=c7dc32d80d42b92ec6f0be709143d7ae60ce511e)
Israeli spyware vendor Candiru, which was [added](https://thehackernews.com/2021/11/us-sanctions-pegasus-maker-nso-group.html) to an economic blocklist by the U.S. government this month, is said to have reportedly waged “watering hole” attacks against high-profile entities in the U.K. and the Middle East, new findings reveal.
“The victimized websites belong to media outlets in the U.K., Yemen, and Saudi Arabia, as well as to Hezbollah; to government institutions in Iran (Ministry of Foreign Affairs), Syria (including the Ministry of Electricity), and Yemen (including the Ministries of Interior and Finance); to internet service providers in Yemen and Syria; and to aerospace/military technology companies in Italy and South Africa,” ESET [said](https://www.welivesecurity.com/2021/11/16/strategic-web-compromises-middle-east-pinch-candiru/) in a new report. “The attackers also created a website mimicking a medical trade fair in Germany