Category Archives: Hacking

Police use of Pegasus malware not illegal, Israeli inquiry finds

Posted on by

Police have been accused of spying on at least 26 individuals who are not criminal suspects

An inquiry into allegations that Israel’s police force systematically hacked into the mobile phones of Israeli citizens has found that while the police did use NSO Group’s controversial Pegasus malware, there is no evidence suggesting illegality.

In a series of explosive reports over the last two months, the local financial daily newspaper Calcalist accused the police of spying on at least 26 individuals who were not criminal suspects. Those named included politicians, protesters, and members of the former prime minister Benjamin Netanyahu’s inner circle – claims Netanyahu used to delay proceedings in his corruption trial.

Continue reading...

Foreign money funding ‘extremism’ in Canada, says hacker

Posted on by

Exclusive: leak shows more than half of donations to convoy protest through GiveSendGo came from US

A hacker who leaked the names and locations of more than 90,000 people who donated money to the Canadian trucker convoy protest has said it exposed how money from abroad had funded “extremism” in the country.

In an exclusive interview, the hacker told the Guardian that Canada was “not safe from foreign political manipulation”. “You see a huge amount of money that isn’t even coming from Canada – that’s plain as day,” said the hacker, who belongs to the hacktivist group Anonymous.

Continue reading...

Ukraine says evidence points to Russia being behind cyber-attack

Posted on by

Claim comes as Microsoft warns hack that hit government websites could be worse than first feared

Ukraine has said it has “evidence” Russia was behind a massive cyber-attack that knocked out key government websites last week, while Microsoft warned the hack could be far worse than first thought.

Tensions are at an all-time high between Ukraine and Russia, which Kyiv accuses of having massed troops on its border before a possible invasion. Some analysts fear the cyber-attack could be the prelude to a military attack.

Continue reading...

Ukraine hit by ‘massive’ cyber-attack on government websites

Posted on by

Suspected Russian hackers leave message warning: ‘Ukrainians … be afraid and expect worse’

Ukraine has been hit by a “massive” cyber-attack, with the websites of several government departments including the ministry of foreign affairs and the education ministry knocked out.

Officials said it was too early to draw any conclusions but they pointed to a “long record” of Russian cyber assaults against Ukraine, with the attack coming after security talks between Moscow and the US and its allies this week ended in stalemate.

Continue reading...

Cyber-attack on UK’s Defence Academy caused ‘significant’ damage

Posted on by

Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs

A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.

Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.

Continue reading...

Facebook bans seven ‘cyber mercenary’ companies from its platforms

Posted on by

Company will also send warnings to 48,000 people believed to be targeted by malicious activity after investigation

Facebook has banned seven “surveillance-for-hire” companies from its platforms and will send warning notices to 48,000 people who the company believes were targeted by malicious activity, following a months-long investigation into the “cyber mercenary” industry.

The social media company said on Thursday that its investigation had revealed new details about the way the surveillance companies enable their clients to “indiscriminately” target people across the internet to collect intelligence about them, manipulate them – and ultimately compromise their devices.

Black Cube, an Israeli company that gained notoriety after it emerged that the disgraced media mogul and convicted sex offender Harvey Weinstein had hired them to target women who had accused him of abuse. Black Cube rejected Facebook’s claims about its activities.

Cobwebs, another Israeli company that Facebook said enabled its clients to use public websites and dark web sites to trick targets into revealing personal information. The company also reportedly works for US clients, including a local police department in Hartford, Connecticut.

Cytrox, a North Macedonian company that Facebook said enabled its clients to infect targets with malware following phishing campaigns.

Continue reading...

Recently uncovered software flaw ‘most critical vulnerability of the last decade’

Posted on by

Log4Shell grants easy access to internal networks, making them susceptible to data loot and loss and malware attacks

A critical vulnerability in a widely used software tool – one quickly exploited in the online game Minecraft – is rapidly emerging as a major threat to organizations around the world.

“The internet’s on fire right now,” said Adam Meyers, senior vice-president of intelligence at the cybersecurity firm Crowdstrike. “People are scrambling to patch”, he said, “and all kinds of people scrambling to exploit it.” He said on Friday morning that in the 12 hours since the bug’s existence was disclosed, it had been “fully weaponized”, meaning malefactors had developed and distributed tools to exploit it.

Continue reading...

Saudi women’s rights activist sues three ex-US intel operatives over hacking for UAE

Posted on by

Loujain al-Hathloul says actions of men on behalf of the UAE led to her iPhone being hacked and to her imprisonment and torture

Loujain al-Hathloul, the prominent Saudi women’s rights activist, has filed a lawsuit against three former US intelligence and military officers who have admitted in a US court to helping carry out hacking operations on behalf of the United Arab Emirates.

In her lawsuit, which was filed in a US district court in Oregon in conjunction with the Electronic Frontier Foundation, Hathloul alleged that the actions of three men – Marc Baier, Ryan Adams, and Daniel Gericke – led to her iPhone being hacked and communication being exfiltrated by UAE security officials.

Continue reading...

Rights groups urge EU to ban NSO over clients’ use of Pegasus spyware

Posted on by

Letter signed by 86 organisations asks for sanctions against Israeli firm, alleging governments used its software to abuse rights

Dozens of human rights organisations have called on the European Union to impose global sanctions on NSO Group and take “every action” to prohibit the sale, transfer, export and import of the Israeli company’s surveillance technology.

The letter, signed by 86 organisations including Access Now, Amnesty International and the Digital Rights Foundation, said the EU’s sanctions regime gave it the power to target entities that were responsible for “violations or abuses that are of serious concern as regards to the objectives of the common foreign and security policy, including violations or abuses of freedom of peaceful assembly and of association, or of freedom of opinion and expression”.

Continue reading...

MI6 needs tech sector’s help to win AI race with China and Russia – spy chief

Posted on by

New boss Richard Moore to say adversaries are ‘pouring money’ into technology and the agency needs outside funding to keep up

MI6 will have to become “more open to stay secret” and work with tech companies to counter threats posed by China and Russia who seek to gain advantage by mastering artificial intelligence and other emerging technologies.

In his first speech as the foreign spy agency’s head on Tuesday, Richard Moore is expected to admit that “unlike Q in the Bond movies”, MI6 cannot develop the tools it needs in-house to counter hybrid physical and virtual threats.

Continue reading...

Apple tells Thai activists they are targets of ‘state-sponsored attackers’

Posted on by

At least 16 people including protest leaders have received alerts about devices possibly being compromised

Thai activists who have called for reform of the monarchy are among at least 16 people in Thailand who say they have been warned by Apple that they have been targeted by “state-sponsored” attackers.

Warnings were sent to the prominent activists Panusaya Sithijirawattanakul and Anon Nampa, according to Panusaya’s sister May, and the administrator of Anon’s Facebook page. Panusaya and Anon are in pre-trial detention after leading demonstrations calling for the power of the monarchy to be curbed.

Continue reading...

Palestinian activists’ mobile phones hacked using NSO spyware, says report

Posted on by

Investigation finds rights activists working for groups accused by Israel of being terrorist were previously targeted by NSO spyware

The mobile phones of six Palestinian human rights defenders who work for organisations that were recently – and controversially – accused by Israel of being terrorist groups were previously hacked by sophisticated spyware made by NSO Group, according to a report.

An investigation by Front Line Defenders (FLD), a Dublin-based human rights group, found that the mobile phones of Salah Hammouri, a Palestinian rights defender and lawyer whose Jerusalem residency status has been revoked, and five others were hacked using Pegasus, NSO’s signature spyware. In one case, the hacking was found to have occurred as far back as July 2020.

Continue reading...

US blacklisting of NSO Group shows view of major technology company as a grave threat

Posted on by

Analysis: The question now is what effect the US move will have on Israel and on foreign governments who use NSO’s spyware

The US commerce department’s blacklist is usually reserved for America’s worst enemies, such as Chinese companies that have been accused of aiding human right abuses, and Russians who proliferate biological and chemical weapons programmes.

But on Wednesday, Israel’s NSO Group joined their ranks, marking a rare decision by the Biden administration to include a major technology company that is closely regulated by the Israeli government on its list of entities that threaten US national security.

Continue reading...

At least 13 phone firms hit by suspected Chinese hackers since 2019, say experts

Posted on by

LightBasin hackers were able to obtain subscriber information and call metadata, says CrowdStrike

At least 13 phone companies around the world have been compromised since 2019 by sophisticated hackers who are believed to come from China, a cybersecurity expert group has said.

The roaming hackers – known as LightBasin – were able to “search and find” individual mobile phones and “target accordingly”, according to CrowdStrike, a group regularly cited by western intelligence.

Continue reading...

Cambridge University halts £400m deal with UAE over Pegasus spyware claims

Posted on by

Exclusive: UK institution was in line for huge donation but has paused talks due to concerns Gulf state used hacking software

The University of Cambridge has broken off talks with the United Arab Emirates over a record £400m collaboration after claims about the Gulf state’s use of controversial Pegasus hacking software, the university’s vice-chancellor has said.

The proposed deal, hailed by the university in July as a “potential strategic partnership … helping to solve some of the greatest challenges facing our planet” – would have included the largest donation of its kind in the university’s history, spanning a decade and involving direct investment from the UAE of more than £310m.

Continue reading...

Ruling in Princess Haya case raises fresh questions for Cherie Blair

Posted on by

Analysis: Blair is an adviser to NSO Group, whose Pegasus spyware was found to have been used in phone hack

The finding by a senior judge that NSO Group’s Pegasus spyware was used by the ruler of Dubai to hack the phone of his ex-wife and five of her associates, all resident in England, raises fresh questions about Cherie Blair’s involvement with the company.

NSO has previously said that its malware, which infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones, is only intended for use by its government clients against criminals and terrorists.

Continue reading...

Dubai ruler hacked ex-wife using NSO Pegasus spyware, high court judge finds

Posted on by

Sheikh Mohammed used spyware on Princess Haya and five associates in unlawful abuse of power, judge rules

The ruler of Dubai hacked the phone of his ex-wife Princess Haya using NSO Group’s controversial Pegasus spyware in an unlawful abuse of power and trust, a senior high court judge has ruled.

The president of the family division found that agents acting on behalf of Sheikh Mohammed bin Rashid al-Maktoum, who is also prime minister of the United Arab Emirates, a close Gulf ally of Britain, hacked Haya and five of her associates while the couple were locked in court proceedings in London concerning the welfare of their two children.

Continue reading...

Spyware ‘found on phones of five French cabinet members’

Posted on by

Mediapart claims indicate that devices were targeted by NSO’s Pegasus spyware

Traces of Pegasus spyware were found on the mobile phones of at least five current French cabinet ministers, the investigative website Mediapart has reported, citing multiple anonymous sources and a confidential intelligence dossier.

The allegation comes two months after the Pegasus Project, a media consortium that included the Guardian, revealed that the phone numbers of top French officials, including French president Emmanuel Macron and most of his 20-strong cabinet, appeared in a leaked database at the heart of the investigative project.

Continue reading...

Experts say China’s low-level cyberwar is becoming severe threat

Posted on by

Activity more overt and reckless despite US, British and other political efforts to bring it to a halt

Chinese state-sponsored hacking is at record levels, western experts say, accusing Beijing of engaging in a form of low-level warfare that is escalating despite US, British and other political efforts to bring it to a halt.

There are accusations too that the clandestine activity, which has a focus on stealing intellectual property, has become more overt and more reckless, although Beijing consistently denies sponsoring hacking and accuses critics of hypocrisy.

Continue reading...

Journalist who tracked Viktor Orban’s childhood friend infected with spyware

Posted on by

Dániel Németh’s phones infected with Pegasus software while reporting on one of Hungary’s richest men

Dániel Németh, a Budapest-based photojournalist, has tried to keep a low profile in his groundbreaking work investigating and documenting the luxury lifestyle of Hungary’s ruling elite.

While his name is not well known, the 46-year-old has managed to use his drone, and public flight and ship tracking data, to find and photograph politicians and pro-government business figures, exposing their hidden luxuries such as yachts in exotic locations.

Continue reading...