Austrian firm accused by Microsoft remains adamant that hacking tool was for EU state-use only

An Austrian tech firm accused by Microsoft of creating spyware used to target client computer systems in South America has claimed its tool – named Subzero – was for official use in EU states only.

According to Microsoft’s Threat Intelligence Center (MSTIC) and its Security Response Center (MSRC), the DSIRF spyware – capable of accessing confidential information such as passwords or log-on credentials –  was deployed at an “unspecified” number of unidentified banks, law firms and strategic consultancies in in Austria, the United Kingdom, and Panama.

Microsoft’s security researchers linked the software to a threat group known as Knotweed, but DSIRF told Reuters, in an emailed statement, that its software “has been developed exclusively for official use in states of the EU. It is neither offered, sold nor made available for commercial use”.

“In view of the facts described by Microsoft, DSIRF resolutely rejects the impression that it has misused Subzero software,” it added.

Spyware tools seem to be coming into increased focus, with Thai authorities most recently admitting to using it in “limited” cases, such as dealings with national security and drugs.

Austria’s interior ministry told local news agency APA on Friday that it was investigating the Microsoft claims but the US tech giant declined to offer further comment.

“Of course, DSN (the National Security and Intelligence Directorate) checks the allegations. So far, there is no proof of the use of spy software from the company mentioned,” read a statement published by Austria’s interior ministry.

According to Reuters, DSIRF said they had commissioned an independent expert to investigate the issues raised by Microsoft, and had reached out to the US tech giant for “collaboration on the issue”.