Journalist’s Phone Hacked Using An ‘Invisible’ Technique

Uploaded on 2020-07-06 in TECHNOLOGY--Hackers, FREE TO VIEW

Amnesty International has said that software developed by Israeli security firm NSO Group was probably used to attack a Moroccan journalist.  Amnesty says Moroccan secuity agncies used NSO's Pegasus software to insert spyware onto the cellphone of Omar Radi, a journalist convicted of a crime in March over a social media post.

Pegasus is reportedly a highly invasive tool that can switch on a target's phone camera and microphone as well as access data on it, effectively turning the phone into a pocket spy.

The iPhone used by Moroccan journalist Omar Radi used to stay in contact with his sources also allowed his government to spy on him and read every email, text and website visited,  listen to every phone call, monitor GPS coordinates and even turn on the camera and microphone to see and hear where the phone was at any moment.

The organisation found that Omar Radi’s phone was subjected to multiple attacks using a sophisticated new technique that silently installed NSO Group’s notorious Pegasus spyware.

The attacks occurred over a period when Radi was being repeatedly harassed by the Moroccan authorities, with one attack taking place just days after NSO pledged to stop its products being used in human rights abuses and continued until at least January 2020. Forensic evidence gathered by Amnesty International on Radi’s phone shows that it was infected by “network injection,” a fully automated method where an attacker intercepts a cellular signal when it makes a request to visit a website. 

In milliseconds, the web browser is diverted to a malicious site and spyware code is downloaded that allows remote access to everything on the phone. The browser then redirects to the intended website and the user is none the wiser.

While Amnesty could not definitively state that the Moroccan authorities were behind the attack, the group was able to use forensic evidence to conclude this was very likely the case.The episode reveals not that authoritarian governments are actively listening to the calls, monitoring the web traffic and reading the emails of journalists and human rights activists, but that they can do so undetected.

Radi is an investigative journalist who co-founded the local news site Le Desk, a partner with the Star in the International Consortium of Investigative Journalists. He specialises in the connections between politicians and business people as well as social movements and human rights. In other words, he’s a thorn in the government’s side and a prime target for surveillance, hacking and harassment.

NSO Group, which has been valued at $1 billion, sells surveillance software to governments and law enforcement agencies intended to combat terrorism. Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO Group is based in the Israeli hi-tech hub of Herzliya, near Tel Aviv andemploys 600 people in Israel and around the world.

Reports from around the world have implicated NSO Group’s spyware in monitoring human rights activists and journalists. Amnesty said forensic data extracted from Radi’s phone indicated he had been subjected network injection attacks in September and February 2019, and January 2020.

Amnesty International and others have documented a pattern of NSO Group’s Pegasus spyware being used to target civil society. The spyware has been used in attacks on journalists and parliamentarians in Mexico; Saudi Arabaia and te UAE and allegedly, used in connection with murdered Saudi dissident Jamal Khashoggi.

NSO is being sued in the United States by messaging service WhatsApp over alleged cyberespionage on human rights activists and others. 

The Israeli firm says it only licenses its software to governments for "fighting crime and terror" and that it investigates credible allegations of misuse.

Amnesty:      Amnesty:     The Record:      Guardian:        Daily Sabah:

You Might Also Read:

WhatsApp Penetrated By Spyware:

 

« Iran’s Nuclear Site Attacked Following Attempts To Hack Israel's Water System
Maritime Data For Sale On the Dark Web »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Information Security Systems (ISSCOM)

Information Security Systems (ISSCOM)

ISSCOM provide services to help companies implement Information Security Management Systems (ISMS) by providing consultancy and hands-on assistance.

Swivel Secure

Swivel Secure

Swivel Secure is an award winning provider of multi-factor authentication solutions.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

Pradeo

Pradeo

Pradeo Security offers a complete, automatic and seamless protection to mobile devices and applications, aligned with your organization security policy while preserving business agility.

Raz-Lee Security

Raz-Lee Security

Raz-Lee Security is the leading security solution provider for IBM Power i, otherwise known as iSeries or AS/400 servers.

Veriato

Veriato

Veriato develops intelligent solutions that provide companies with visibility into the human behaviors and activities occurring within their network, making them more secure and productive.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

WISeKey

WISeKey

WISeKey is a leading cybersecurity company currently deploying large scale digital identity ecosystems for people and objects using Blockchain, AI and IoT.

Cylera

Cylera

Cylera is a Healthcare IoT cybersecurity and intelligence company built in close partnership with healthcare providers.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

Cyral

Cyral

Easily observe, control, and protect your data endpoints in a cloud and DevOps-first world. Discover Data Mesh Security with Cyral.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Somos

Somos

From voice to messaging to fraud prevention and beyond, Somos are committed to developing innovative solutions that ensure that our ability to maintain trustworthy connections never stops.

Qryptonic

Qryptonic

Qryptonic pioneers next-generation cybersecurity by leveraging the unparalleled capabilities of quantum computing to defend against evolving threats.

Point Wild

Point Wild

Point Wild is a holding company that acquires, integrates and manages a diverse portfolio of best-in-class cybersecurity brands for consumers and enterprises.