UAE Using Israeli Spy Technology

The United Arab Emirates has been accused of purchasing Israeli malware capable of turning Apple’s iPhones into remote spying devices to clamp down voices of dissent.

The revelation was made by the University of Toronto’s Citizen Lab after human rights activist Ahmed Mansoor sent them a suspicious link which, had been sent to him via a text message.

The link claimed to contain “new secrets” about detainees being tortured in UAE prisons.

 “We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based ‘cyber war’ company that sells Pegasus, a government-exclusive ‘lawful intercept’ spyware product,” said Citizen Lab in a statement.

“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile  chat apps, and tracking his movements,” it added.

The lab, which focuses on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security, said that the UAE government was “the likely operator behind the targeting,” and noted that the attack was traced back to software designed by Israel’s NSO Group, which writes and sells spyware to clients, including foreign governments.

The NSO, which is reportedly run by former members of the Israeli army’s Unit 8200 electronic surveillance branch, refrained from commenting whether it had sold the software to Abu Dhabi as they “cannot confirm the specific cases.”

“The agreements signed with the company’s customers require that the company’s products only be used in a lawful manner. Specifically, the products may only be used for the prevention and investigation of crimes,” said NSO spokesman Zamir Dahbash.

The discovery prompted Apple to release an urgent software update aimed at blocking the exploitation used by the spyware.

Mansoor, a prominent and internationally recognized human rights activist, has been arrested and tortured in the past and has also been the target of sophisticated malware written by a private intelligence firm.

“The targeting of these activists and dissidents is a taste of what’s to come,” Citizen Lab researcher Bill Marczak. “What they’re facing today will be faced by ordinary users tomorrow,” he added.

Ein News:     Ein News

 

« Are US Voting Machines Secure From Hackers?
Australian Government Networks Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NCC Group

NCC Group

NCC Group is a global cyber and software resilience business operating across multiple sectors, geographies and technologies.

GFI Software

GFI Software

GFI Software works with System Administrators, IT Professionals and IT Executives to ensure that their IT infrastructures are monitored, managed, secured and compliant.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

ESNC

ESNC

ESNC’s vulnerability management and real-time SAP security monitoring solutions help largest corporations in the world to effectively prioritize SAP security tasks and secure their business.

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

Parameter Security

Parameter Security

Parameter Security is a provider of ethical hacking and information security services.

ANSEC IA

ANSEC IA

ANSEC is a consultancy practice providing independent Information Assurance and IT Security focussed services to customers throughout the UK, Ireland and internationally.

Cufflink

Cufflink

Cufflink makes your business more secure, compliant and trusted. We limit the likelihood and impact of a data breach by controlling exactly what can and can't be done with personal data.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

mxHERO

mxHERO

mxHERO reduces the risks inherent with ransom and cyber-security threats specific to email.

Riskonnect

Riskonnect

Riskonnect technology empowers organizations with the ability to anticipate, manage, and respond in real-time to strategic, operational, and digital risks across the extended enterprise.

KATIM

KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses.

Klaatu IT Security (KITS)

Klaatu IT Security (KITS)

Klaatu IT Security is a boutique provider of cyber security services, empowering our clients to prioritise and reduce their cyber risk.

EPAM Systems

EPAM Systems

Since 1993, EPAM Systems has leveraged its advanced software engineering heritage to become a leading global digital transformation services provider.

Oxylabs

Oxylabs

Oxylabs is the largest datacenter proxy pool in the market, with over 2 million proxies. Designed for high-traffic, fast web data gathering while ensuring superior performance.

Getvisibility

Getvisibility

Getvisibility enables customers to detect, classify and protect sensitive information increasing data security, governance, compliance and lowering the risk of losing valuable data.