Austria Probes Claim Spyware Targeted Law Firms, Banks

Austria said Friday that it was investigating a report that an Austrian company developed spyware targeting law firms, banks and consultancies in at least three countries.

Microsoft’s security team earlier this week said it found that a malware called Subzero — developed by Vienna-based company DSIRF — was deployed in 2021 and 2022.

“Observed victims to date include law firms, banks and strategic consultancies in countries such as Austria, the United Kingdom and Panama,” it wrote in a blog entry on Wednesday.

Austria’s interior ministry said it had not received reports of any incidents.

“Of course, (intelligence agency) DSN checks the allegations. So far, there is no proof of the use of spy software from the company mentioned,” it said in a statement.

[ READ: Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants ]

Austria’s Kurier newspaper cited DSIRF as saying that Subzero had not been misused and “was developed exclusively for use by authorities in EU states” and was not commercially available.

DSIRF did not immediately return a request for comment from AFP.

Austria’s interior ministry said it knew of the company but “has not had any business relationships” with it.

Last year several media outlets reported that governments around the world, including in the EU, had used Pegasus spyware made by Israel’s NSO Group to spy on opponents.

Budapest and Warsaw responded that the use of Pegasus was for legitimate national security reasons.

Related: Google Says NSO Pegasus Zero-Click ‘Most Technically Sophisticated Exploit Ever Seen’

Related: Spanish Judge to Seek Testimony From NSO on Pegasus Spyware

Related: FBI Confirms It Bought Spyware From Israel’s NSO Group