UAE Using Israeli Spy Technology

The United Arab Emirates has been accused of purchasing Israeli malware capable of turning Apple’s iPhones into remote spying devices to clamp down voices of dissent.

The revelation was made by the University of Toronto’s Citizen Lab after human rights activist Ahmed Mansoor sent them a suspicious link which, had been sent to him via a text message.

The link claimed to contain “new secrets” about detainees being tortured in UAE prisons.

 “We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based ‘cyber war’ company that sells Pegasus, a government-exclusive ‘lawful intercept’ spyware product,” said Citizen Lab in a statement.

“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile  chat apps, and tracking his movements,” it added.

The lab, which focuses on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security, said that the UAE government was “the likely operator behind the targeting,” and noted that the attack was traced back to software designed by Israel’s NSO Group, which writes and sells spyware to clients, including foreign governments.

The NSO, which is reportedly run by former members of the Israeli army’s Unit 8200 electronic surveillance branch, refrained from commenting whether it had sold the software to Abu Dhabi as they “cannot confirm the specific cases.”

“The agreements signed with the company’s customers require that the company’s products only be used in a lawful manner. Specifically, the products may only be used for the prevention and investigation of crimes,” said NSO spokesman Zamir Dahbash.

The discovery prompted Apple to release an urgent software update aimed at blocking the exploitation used by the spyware.

Mansoor, a prominent and internationally recognized human rights activist, has been arrested and tortured in the past and has also been the target of sophisticated malware written by a private intelligence firm.

“The targeting of these activists and dissidents is a taste of what’s to come,” Citizen Lab researcher Bill Marczak. “What they’re facing today will be faced by ordinary users tomorrow,” he added.

Ein News:     Ein News

 

« Are US Voting Machines Secure From Hackers?
Australian Government Networks Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Nethemba

Nethemba

Nethemba provide pentesting and security audits for networks and web applications. Other services include digital forensics, training and consultancy.

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Tigerscheme

Tigerscheme

Tigerscheme is a certification scheme for information security specialists, backed by University standards and covering a wide range of expertise.

OneWelcome

OneWelcome

Onegini and iWelcome have merged to become OneWelcome, the largest European Identity Access Management Saas Vendor.

Ubiq Security

Ubiq Security

Ubiq has developed a software solution that secures any type of data, on any device, anywhere, with nearly no impact to system performance or user experience.

MaskTech

MaskTech

MaskTech supplies highest security embedded chipsets, operating systems and related middleware for electronic identification cards, travel documents and authentication solutions.

Cybero

Cybero

Cybero offers professional corporate cybersecurity training tailored to your business requirements.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

Cytenna

Cytenna

Cytenna Signal is a suite of SaaS (Software-as-a-Service) products that use AI and machine learning to automatically aggregate the latest information about software vulnerabilities.

Tetra Defense

Tetra Defense

Tetra Defense is a leading incident response, cyber risk management and digital forensics firm.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

European Data Protection Supervisor (EDPS)

European Data Protection Supervisor (EDPS)

The EDPS is the European Union’s independent data protection authority. We monitor and ensure the protection of personal data and privacy when EU institutions and bodies process personal information.

ANY.RUN

ANY.RUN

ANY.RUN is an interactive online malware analysis service created for dynamic as well as static research of multiple types of cyber threats.

EPIQ Infotech

EPIQ Infotech

EPIQ Infotech is a trusted consulting and implementation partner for Oracle JD Edwards and Amazon Web Services (AWS).

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

Multidisciplinary Institute for Cybersecurity and Cyber Resilience (IMC2)

IMC2 brings together resources to carry out ambitious, innovative and multidisciplinary projects in the field of cybersecurity and cyber resilience.

BCX

BCX

BCX, a subsidiary within Telkom Group, is one of Africa’s largest systems integrator and digital transformation partners for enterprises and public sector organisations.