Tag Archive for: politicians

India probing iPhone hacking complaints by opposition politicians


(Corrects first name of minister in first paragraph to Ashwini)

NEW DELHI (Reuters) – India’s cyber security agency is investigating complaints of mobile phone hacking by senior opposition politicians who reported receiving warning messages from Apple, Information Technology Minister Ashwini Vaishnaw said.

Vaishnaw was quoted in the Indian Express newspaper as saying on Thursday that CERT-In, the computer emergency response team based in New Delhi, had started the probe, adding that “Apple confirmed it has received the notice for investigation”.

A political aide to Vaishnaw and two officials in the federal home ministry told Reuters that all the cyber security concerns raised by the politicians were being scrutinised.

There was no immediate comment from Apple about the investigation.

This week, Indian opposition leader Rahul Gandhi accused Prime Minister Narendra Modi’s government of trying to hack into opposition politicians’ mobile phones after some lawmakers shared screenshots on social media of a notification quoting the iPhone manufacturer as saying: “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID”.

A senior minister from Modi’s government also said he had received the same notification on his phone.

Apple said it did not attribute the threat notifications to “any specific state-sponsored attacker”, adding that “it’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected”.

In 2021, India was rocked by reports that the government had used Israeli-made Pegasus spyware to snoop on scores of journalists, activists and politicians, including Gandhi.

The government has declined to reply to questions about whether India or any of its state agencies had purchased Pegasus spyware for surveillance.

(This story has been corrected to fix the first name of the minister to Ashwini in paragraph 1)

(Reporting by Rupam Jain and Munsif Vengattil; editing by Miral Fahmy)


Hack of Egyptian Politician’s iPhone Tied to Tech Firm Sandvine


(Bloomberg) — A hack that compromised the iPhone of a presidential candidate in Egypt has been linked to the computer networking company Sandvine Inc., whose equipment has previously been used by Belarus and other countries to censor the internet.

Ahmed Eltantawy, a prominent opposition politician, had his phone breached between May and September after he announced his plans to run in Egypt’s 2024 presidential elections, according to an analysis from the University of Toronto’s Citizen Lab. After conducting a forensic examination of the device, the researchers concluded with “high confidence” that the Egyptian government was behind the hack.

Eltantawy’s phone was infected with a spyware known as Predator, manufactured by North Macedonian surveillance technology firm Cytrox, the researchers found. He was lured into clicking links contained in fake security alerts that purported to be from the messaging service WhatsApp. His phone was silently redirected to a malicious website, and spyware was “injected” onto his phone with the help of technology sold by Sandvine, according to Citizen Lab’s report.

Sandvine “does not make, sell or collaborate with spyware or malware vendors,” according to an emailed statement provided to Bloomberg, which also said its products were not “capable of injecting malware or spyware.” The statement referred instead to a technique called “packet redirection,” which it said was a capability “sold by all major vendors in the space and used millions of times a day.”

“Sandvine makes products for telecom companies that enable the internet to function and to ensure that citizens have high quality access to information worldwide,” according to the statement.

Representatives from Cytrox and the Egyptian government didn’t respond to requests for comment.

Sandvine, originally founded in Canada, was acquired by San Francisco-based private equity firm Francisco Partners and combined with Procera Networks in 2017, in a deal worth $444 million. The company makes equipment, known as “deep packet inspection” technology, that can be used to manage massive flows of internet traffic passing between networks. The…


German politicians hail capture of suspected Russian ‘mole’ – DW – 12/23/2022


German politicians of various stripes lined up on Friday to warn against the dangers of Russia’s hybrid warfare strategy, after the arrest of an alleged Russian spy working inside Germany’s foreign intelligence agency, the BND.

The man, a German national named only as Carsten L., is thought to have passed classified information to Russia while working for the BND. For security reasons, the intelligence agency has refused to release any further details about the suspect, the extent of the leaks, or about any further contacts he may have had. His home and offices have been searched by prosecutors.

“This is a wake-up call to everyone that Russia makes no exception to spying on us, too. To destabilize our system, the Federal Republic. And all the stops are being pulled out,” said Marie-Agnes Strack-Zimmermann, head of the parliament’s defense committee and member of the neoliberal Free Democratic Party (FDP), the smallest member of the three-party coalition government.

“This makes it clear, regardless of whether you are a top or middle or whoever agent, that Russia is trying to obtain information using all methods,” she told public broadcaster BR. “This second battlefield, as I call it, has existed for decades. Namely, the espionage, the cyber war, to influence us or to get information.”

FDP defense spokesperson Marie-Agnes Strack-Zimmermann calls the latest espionage incident a “wake-up call”

Hybrid warfare

Nils Schmid, a foreign policy spokesman for Chancellor Olaf Scholz’s center-left Social Democratic Party (SPD), struck a similar note. “This indicates that the temptation to spy is also present in Germany and that we have to be very attentive to the influence of Russia in Germany,” he said to DLF public broadcaster on Friday. “So it’s not just about the military threat, it’s about hybrid warfare.”

Schmid agreed with BND President Bruno Kahl, who said the case underlined the unscrupulous nature of Russia’s methods. “Russia has seen itself in a conflict, indeed in a war with the West for years and thinks that all means are permissible,” he said. “Murder of opposition members on German soil and, indeed, espionage.”

BND President Bruno Kahl is worried about Russian spying…


Iran: State-Backed Hacking of Activists, Journalists, Politicians


(Beirut) – Hackers backed by the Iranian government have targeted two Human Rights Watch staff members and at least 18 other high-profile activists, journalists, researchers, academics, diplomats, and politicians working on Middle East issues in an ongoing social engineering and credential phishing campaign, Human Rights Watch said today.

An investigation by Human Rights Watch attributed the phishing attack to an entity affiliated with the Iranian government known as APT42 and sometimes referred to as Charming Kitten. The technical analysis conducted jointly by Human Rights Watch and Amnesty International’s Security Lab identified 18 additional victims who have been targeted as part of the same campaign. The email and other sensitive data of at least three of them had been compromised: a correspondent for a major US newspaper, a women’s rights defender based in the Gulf region, and Nicholas Noe, an advocacy consultant for Refugees International based in Lebanon.

“Iran’s state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups,” said Abir Ghattas, information security director at Human Rights Watch. “This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region.”

For the three people whose accounts were known to be compromised, the attackers gained access to their emails, cloud storage drives, calendars, and contacts and also performed a Google Takeout, using a service that exports data from the core and additional services of a Google account.

Various security companies have reported on phishing campaigns by APT42 targeting Middle East-focused researchers, civil society groups, and dissidents. Most of them identify APT42 based on targeting patterns and technical evidence. Organizations such as Google and the cybersecurity companies Recorded Future, Proofpoint, and Mandiant have linked APT42 to Iranian authorities. Identifying and naming a threat actor helps researchers to identify, track, and link hostile cyber…
