Journalist’s Phone Hacked Using An ‘Invisible’ Technique

Uploaded on 2020-07-06 in TECHNOLOGY--Hackers, FREE TO VIEW

Amnesty International has said that software developed by Israeli security firm NSO Group was probably used to attack a Moroccan journalist.  Amnesty says Moroccan secuity agncies used NSO's Pegasus software to insert spyware onto the cellphone of Omar Radi, a journalist convicted of a crime in March over a social media post.

Pegasus is reportedly a highly invasive tool that can switch on a target's phone camera and microphone as well as access data on it, effectively turning the phone into a pocket spy.

The iPhone used by Moroccan journalist Omar Radi used to stay in contact with his sources also allowed his government to spy on him and read every email, text and website visited,  listen to every phone call, monitor GPS coordinates and even turn on the camera and microphone to see and hear where the phone was at any moment.

The organisation found that Omar Radi’s phone was subjected to multiple attacks using a sophisticated new technique that silently installed NSO Group’s notorious Pegasus spyware.

The attacks occurred over a period when Radi was being repeatedly harassed by the Moroccan authorities, with one attack taking place just days after NSO pledged to stop its products being used in human rights abuses and continued until at least January 2020. Forensic evidence gathered by Amnesty International on Radi’s phone shows that it was infected by “network injection,” a fully automated method where an attacker intercepts a cellular signal when it makes a request to visit a website. 

In milliseconds, the web browser is diverted to a malicious site and spyware code is downloaded that allows remote access to everything on the phone. The browser then redirects to the intended website and the user is none the wiser.

While Amnesty could not definitively state that the Moroccan authorities were behind the attack, the group was able to use forensic evidence to conclude this was very likely the case.The episode reveals not that authoritarian governments are actively listening to the calls, monitoring the web traffic and reading the emails of journalists and human rights activists, but that they can do so undetected.

Radi is an investigative journalist who co-founded the local news site Le Desk, a partner with the Star in the International Consortium of Investigative Journalists. He specialises in the connections between politicians and business people as well as social movements and human rights. In other words, he’s a thorn in the government’s side and a prime target for surveillance, hacking and harassment.

NSO Group, which has been valued at $1 billion, sells surveillance software to governments and law enforcement agencies intended to combat terrorism. Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO Group is based in the Israeli hi-tech hub of Herzliya, near Tel Aviv andemploys 600 people in Israel and around the world.

Reports from around the world have implicated NSO Group’s spyware in monitoring human rights activists and journalists. Amnesty said forensic data extracted from Radi’s phone indicated he had been subjected network injection attacks in September and February 2019, and January 2020.

Amnesty International and others have documented a pattern of NSO Group’s Pegasus spyware being used to target civil society. The spyware has been used in attacks on journalists and parliamentarians in Mexico; Saudi Arabaia and te UAE and allegedly, used in connection with murdered Saudi dissident Jamal Khashoggi.

NSO is being sued in the United States by messaging service WhatsApp over alleged cyberespionage on human rights activists and others. 

The Israeli firm says it only licenses its software to governments for "fighting crime and terror" and that it investigates credible allegations of misuse.

Amnesty:      Amnesty:     The Record:      Guardian:        Daily Sabah:

You Might Also Read:

WhatsApp Penetrated By Spyware:

 

« Iran’s Nuclear Site Attacked Following Attempts To Hack Israel's Water System
Maritime Data For Sale On the Dark Web »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

Securi-Tay

Securi-Tay

Securi-Tay is an information Security conference held by the Ethical Hacking Society at Abertay University, Dundee.

Deutsche Cyber-Sicherheitsorganisation (DCSO)

Deutsche Cyber-Sicherheitsorganisation (DCSO)

DCSO was founded in 2015 with the aim of counteracting the threats posed by globally organized cybercrime and state-controlled industrial espionage.

Communications Security Establishment (CSE) - Canada

Communications Security Establishment (CSE) - Canada

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

CARICERT

CARICERT

CARICERT is the National Cyber Emergency Response Team of Curacao in the Caribbean.

CybExer Technologies

CybExer Technologies

CybExer provide an on-premise, easily deployable solution for complex technical cyber security exercises based on experience in military grade ranges.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

Avertium

Avertium

Avertium is the managed security and consulting provider that companies turn to when they want more than check-the-box cybersecurity.

Ascend Technologies

Ascend Technologies

Ascend Technologies offers a full suite of managed IT services including: Cloud & Infrastructure Management, Cybersecurity Management, Service Desk Management, Application Management , Data Management

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

Newberry Group

Newberry Group

The Newberry Group provides comprehensive IT services and solutions that optimize operations, minimize risk and deliver measurable business value.

CyberAcuView

CyberAcuView

CyberAcuView is a company dedicated to enhancing cyber risk mitigation efforts across the insurance industry.

Lab 1

Lab 1

Lab 1 turns criminal data breaches and attacks into insights. Get alerts of data breaches or ransomware attack incidents as they happen.

Nortal

Nortal

Nortal is a strategic digital transformation partner for leading companies and governments around the world.

Apex

Apex

We aspire to make the AI revolution run faster, securely, for the benefit of all. We are purposely built for the new AI era and are creating capabilities to safely enable AI.

Cyberscope

Cyberscope

Cyberscope is a Web3 security firm specializing in smart contract audits, crypto security audits, and blockchain vulnerability assessments.