Journalist’s Phone Hacked Using An ‘Invisible’ Technique

Uploaded on 2020-07-06 in TECHNOLOGY--Hackers, FREE TO VIEW

Amnesty International has said that software developed by Israeli security firm NSO Group was probably used to attack a Moroccan journalist.  Amnesty says Moroccan secuity agncies used NSO's Pegasus software to insert spyware onto the cellphone of Omar Radi, a journalist convicted of a crime in March over a social media post.

Pegasus is reportedly a highly invasive tool that can switch on a target's phone camera and microphone as well as access data on it, effectively turning the phone into a pocket spy.

The iPhone used by Moroccan journalist Omar Radi used to stay in contact with his sources also allowed his government to spy on him and read every email, text and website visited,  listen to every phone call, monitor GPS coordinates and even turn on the camera and microphone to see and hear where the phone was at any moment.

The organisation found that Omar Radi’s phone was subjected to multiple attacks using a sophisticated new technique that silently installed NSO Group’s notorious Pegasus spyware.

The attacks occurred over a period when Radi was being repeatedly harassed by the Moroccan authorities, with one attack taking place just days after NSO pledged to stop its products being used in human rights abuses and continued until at least January 2020. Forensic evidence gathered by Amnesty International on Radi’s phone shows that it was infected by “network injection,” a fully automated method where an attacker intercepts a cellular signal when it makes a request to visit a website. 

In milliseconds, the web browser is diverted to a malicious site and spyware code is downloaded that allows remote access to everything on the phone. The browser then redirects to the intended website and the user is none the wiser.

While Amnesty could not definitively state that the Moroccan authorities were behind the attack, the group was able to use forensic evidence to conclude this was very likely the case.The episode reveals not that authoritarian governments are actively listening to the calls, monitoring the web traffic and reading the emails of journalists and human rights activists, but that they can do so undetected.

Radi is an investigative journalist who co-founded the local news site Le Desk, a partner with the Star in the International Consortium of Investigative Journalists. He specialises in the connections between politicians and business people as well as social movements and human rights. In other words, he’s a thorn in the government’s side and a prime target for surveillance, hacking and harassment.

NSO Group, which has been valued at $1 billion, sells surveillance software to governments and law enforcement agencies intended to combat terrorism. Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO Group is based in the Israeli hi-tech hub of Herzliya, near Tel Aviv andemploys 600 people in Israel and around the world.

Reports from around the world have implicated NSO Group’s spyware in monitoring human rights activists and journalists. Amnesty said forensic data extracted from Radi’s phone indicated he had been subjected network injection attacks in September and February 2019, and January 2020.

Amnesty International and others have documented a pattern of NSO Group’s Pegasus spyware being used to target civil society. The spyware has been used in attacks on journalists and parliamentarians in Mexico; Saudi Arabaia and te UAE and allegedly, used in connection with murdered Saudi dissident Jamal Khashoggi.

NSO is being sued in the United States by messaging service WhatsApp over alleged cyberespionage on human rights activists and others. 

The Israeli firm says it only licenses its software to governments for "fighting crime and terror" and that it investigates credible allegations of misuse.

Amnesty:      Amnesty:     The Record:      Guardian:        Daily Sabah:

You Might Also Read:

WhatsApp Penetrated By Spyware:

 

« Iran’s Nuclear Site Attacked Following Attempts To Hack Israel's Water System
Maritime Data For Sale On the Dark Web »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Karamba Security

Karamba Security

Karamba provide an IoT Security solution for ECUs in automobiles which ensures that all cars are protected (not just autonomous cars).

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

Tevora

Tevora

Tevora is a specialized management consultancy focused on cyber security, risk, and compliance services.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

SkillCube

SkillCube

SkillCube is one of the pioneers in India focusing on Cyber Security Skill Development Solutions.

Quantstamp

Quantstamp

Quantstamp are experts in Smart Contract Security Audits. We provide verification that your decentralized system works as intended.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

Cyturus Technologies

Cyturus Technologies

Cyturus Technologies delivers cybersecurity business risk quantification services using our proprietary Adaptive Risk Model (ARM).

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.

Thistle Technologies

Thistle Technologies

Thistle Technologies is building tools that help connected device manufacturers build security resiliency into devices.

SIXGEN

SIXGEN

SIXGEN provides incident response, operational and penetration testing, red teaming, tool development, cyber training development and continuous monitoring.

Sansec

Sansec

Sansec is the global leader in eCommerce malware and vulnerability detection. We help you to stay ahead of hackers!

Gridware

Gridware

Gridware is a specialised cybersecurity consultancy firm and an emerging global player in the cybersecurity intelligence and advisory field.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

E-CQURITY (ECQ)

E-CQURITY (ECQ)

ECQ is a network security company offering offensive security services and solutions focused on active offensive and defensive positioning.