• Undercover agents target cybersecurity watchdog who detailed Israeli firm NSO’s link to #Khashoggi scandal

    Operatives with fake identities are pursuing members of #Citizen_Lab, the group that uncovered the connection between Jamal Khashoggi’s murder and Israel’s surveillance company #NSO
    The Associated Press | Jan. 26, 2019 | 4:19 PM

    The researchers who reported that Israeli software was used to spy on Washington Post journalist Jamal Khashoggi’s inner circle before his gruesome death are being targeted in turn by international undercover operatives, The Associated Press has found.

    Twice in the past two months, men masquerading as socially conscious investors have lured members of the Citizen Lab internet watchdog group to meetings at luxury hotels to quiz them for hours about their work exposing Israeli surveillance and the details of their personal lives. In both cases, the researchers believe they were secretly recorded.

    Citizen Lab Director Ron Deibert described the stunts as “a new low.”

    “We condemn these sinister, underhanded activities in the strongest possible terms,” he said in a statement Friday. “Such a deceitful attack on an academic group like the Citizen Lab is an attack on academic freedom everywhere.”

    Who these operatives are working for remains a riddle, but their tactics recall those of private investigators who assume elaborate false identities to gather intelligence or compromising material on critics of powerful figures in government or business.

    Citizen Lab, based out of the Munk School of Global Affairs at the University of Toronto, has for years played a leading role in exposing state-backed hackers operating in places as far afield as Tibet , Ethiopia and Syria . Lately the group has drawn attention for its repeated exposés of an Israeli surveillance software vendor called the NSO Group, a firm whose wares have been used by governments to target journalists in Mexico , opposition figures in Panama and human rights activists in the Middle East .

    In October, Citizen Lab reported that an iPhone belonging to one of Khashoggi’s confidantes had been infected by the NSO’s signature spy software only months before Khashoggi’s grisly murder. The friend, Saudi dissident Omar Abdulaziz, would later claim that the hacking had exposed Khashoggi’s private criticisms of the Saudi royal family to the Arab kingdom’s spies and thus “played a major role” in his death.

    In a statement, NSO denied having anything to do with the undercover operations targeting Citizen Lab, “either directly or indirectly” and said it had neither hired nor asked anyone to hire private investigators to pursue the Canadian organization. “Any suggestion to the contrary is factually incorrect and nothing more than baseless speculation,” NSO said.

    NSO has long denied that its software was used to target Khashoggi, although it has refused to comment when asked whether it has sold its software to the Saudi government more generally.

    The first message reached Bahr Abdul Razzak, a Syrian refugee who works as a Citizen Lab researcher, Dec. 6, when a man calling himself Gary Bowman got in touch via LinkedIn. The man described himself as a South African financial technology executive based in Madrid.

    “I came across your profile and think that the work you’ve done helping Syrian refugees and your extensive technical background could be a great fit for our new initiative,” Bowman wrote.

    Abdul Razzak said he thought the proposal was a bit odd, but he eventually agreed to meet the man at Toronto’s swanky Shangri-La Hotel on the morning of Dec. 18.

    The conversation got weird very quickly, Abdul Razzak said.

    Instead of talking about refugees, Abdul Razzak said, Bowman grilled him about his work for Citizen Lab and its investigations into the use of NSO’s software. Abdul Razzak said Bowman appeared to be reading off cue cards, asking him if he was earning enough money and throwing out pointed questions about Israel, the war in Syria and Abdul Razzak’s religiosity.

    “Do you pray?” Abdul Razzak recalled Bowman asking. “Why do you write only about NSO?” ’’Do you write about it because it’s an Israeli company?" ’’Do you hate #Israel?"

    Abdul Razzak said he emerged from the meeting feeling shaken. He alerted his Citizen Lab colleagues, who quickly determined that the breakfast get-together had been a ruse. Bowman’s supposed Madrid-based company, FlameTech, had no web presence beyond a LinkedIn page, a handful of social media profiles and an entry in the business information platform Crunchbase. A reverse image search revealed that the profile picture of the man listed as FlameTech’s chief executive, Mauricio Alonso, was a stock photograph.

    “My immediate gut feeling was: ’This is a fake,’” said John Scott-Railton, one of Abdul Razzak’s colleagues.

    Scott-Railton flagged the incident to the AP, which confirmed that FlameTech was a digital facade.

    Searches of the Orbis database of corporate records, which has data on some 300 million global companies, turned up no evidence of a Spanish firm called FlameTech or Flame Tech or any company anywhere in the world matching its description. Similarly, the AP found no record of FlameTech in Madrid’s official registry or of a Gary Bowman in the city’s telephone listings. An Orbis search for Alonso, the supposed chief executive, also drew a blank. When an AP reporter visited Madrid’s Crystal Tower high-rise, where FlameTech claimed to have 250 sq. meters (2,700 sq. feet) of office space, he could find no trace of the firm and calls to the number listed on its website went unanswered.

    The AP was about to publish a story about the curious company when, on Jan. 9, Scott-Railton received an intriguing message of his own.

    This time the contact came not from Bowman of FlameTech but from someone who identified himself as Michel Lambert, a director at the Paris-based agricultural technology firm CPW-Consulting.

    Lambert had done his homework. In his introductory email , he referred to Scott-Railton’s early doctoral research on kite aerial photography — a mapping technique using kite-mounted cameras — and said he was “quite impressed.

    We have a few projects and clients coming up that could significantly benefit from implementing Kite Aerial Photography,” he said.

    Like FlameTech, CPW-Consulting was a fiction. Searches of Orbis and the French commercial court registry Infogreffe turned up no trace of the supposedly Paris-based company or indeed of any Paris-based company bearing the acronym CPW. And when the AP visited CPW’s alleged office there was no evidence of the company; the address was home to a mainly residential apartment building. Residents and the building’s caretaker said they had never heard of the firm.

    Whoever dreamed up CPW had taken steps to ensure the illusion survived a casual web search, but even those efforts didn’t bear much scrutiny. The company had issued a help wanted ad, for example, seeking a digital mapping specialist for their Paris office, but Scott-Railton discovered that the language had been lifted almost word-for-word from an ad from an unrelated company seeking a mapping specialist in London. A blog post touted CPW as a major player in Africa, but an examination of the author’s profile suggests the article was the only one the blogger had ever written.

    When Lambert suggested an in-person meeting in New York during a Jan. 19 phone call , Scott-Railton felt certain that Lambert was trying to set him up.

    But Scott-Railton agreed to the meeting. He planned to lay a trap of his own.

    Anyone watching Scott-Railton and Lambert laughing over wagyu beef and lobster bisque at the Peninsula Hotel’s upscale restaurant on Thursday afternoon might have mistaken the pair for friends.

    In fact, the lunch was Spy vs. Spy. Scott-Railton had spent the night before trying to secret a homemade camera into his tie, he later told AP, eventually settling for a GoPro action camera and several recording devices hidden about his person. On the table, Lambert had placed a large pen in which Scott-Railton said he spotted a tiny camera lens peeking out from an opening in the top.

    Lambert didn’t seem to be alone. At the beginning of the meal, a man sat behind him, holding up his phone as if to take pictures and then abruptly left the restaurant, having eaten nothing. Later, two or three men materialized at the bar and appeared to be monitoring proceedings.

    Scott-Railton wasn’t alone either. A few tables away, two Associated Press journalists were making small talk as they waited for a signal from Scott-Railton, who had invited the reporters to observe the lunch from nearby and then interview Lambert near the end of the meal.

    The conversation began with a discussion of kites, gossip about African politicians, and a detour through Scott-Railton’s family background. But Lambert, just like Bowman, eventually steered the talk to Citizen Lab and NSO.

    “Work drama? Tell me, I like drama!” Lambert said at one point, according to Scott-Railton’s recording of the conversation. “Is there a big competition between the people inside Citizen Lab?” he asked later.

    Like Bowman, Lambert appeared to be working off cue cards and occasionally made awkward conversational gambits. At one point he repeated a racist French expression, insisting it wasn’t offensive. He also asked Scott-Railton questions about the Holocaust, anti-Semitism and whether he grew up with any Jewish friends. At another point he asked whether there might not be a “racist element” to Citizen Lab’s interest in Israeli spyware.

    After dessert arrived, the AP reporters approached Lambert at his table and asked him why his company didn’t seem to exist.
    He seemed to stiffen.

    “I know what I’m doing,” Lambert said, as he put his files — and his pen — into a bag. Then he stood up, bumped into a chair and walked off, saying “Ciao” and waving his hand, before returning because he had neglected to pay the bill.

    As he paced around the restaurant waiting for the check, Lambert refused to answer questions about who he worked for or why no trace of his firm could be found.

    “I don’t have to give you any explanation,” he said. He eventually retreated to a back room and closed the door.

    Who Lambert and Bowman really are isn’t clear. Neither men returned emails, LinkedIn messages or phone calls. And despite their keen focus on NSO the AP has found no evidence of any link to the Israeli spyware merchant, which is adamant that it wasn’t involved.

    The kind of aggressive investigative tactics used by the mystery men who targeted Citizen Lab have come under fire in the wake of the Harvey Weinstein sexual abuse scandal. Black Cube, an Israeli private investigation firm apologized after The New Yorker and other media outlets revealed that the company’s operatives had used subterfuge and dirty tricks to help the Hollywood mogul suppress allegations of rape and sexual assault.

    Scott-Railton and Abdul Razzak said they didn’t want to speculate about who was involved. But both said they believed they were being steered toward making controversial comments that could be used to blacken Citizen Lab’s reputation.

    “It could be they wanted me to say, ’Yes, I hate Israel,’ or ’Yes, Citizen Lab is against NSO because it’s Israeli,’” said Abdul Razzak.
    Scott-Railton said the elaborate, multinational operation was gratifying, in a way.

    “People were paid to fly to a city to sit you down to an expensive meal and try to convince you to say bad things about your work, your colleagues and your employer,” he said.

    “That means that your work is important.”

  • Litigation and Other Formal Complaints Concerning Targeted Digital Surveillance and the Digital Surveillance Industry

    This is a living resource document providing links and descriptions to litigation and other formal complaints concerning digital surveillance and the digital surveillance industry. If you have additional resources to add to this document, please send to Siena Anstis : siena [at] citizen lab [dot] ca. This document was last updated on December 12, 2018.

    #NSO #spyware #sécuritaire #activisme #web #surveillance #écoutes #CitizenLab #Gamma #FinFisher #FinSpy #AMESys #RSF #Amnesty #PrivacyInternational #Qosmos #Deep_Packet_Inspection_(DPI) #FIDH #LDH


  • How the Saudis may have spied on Jamal Khashoggi

    Omar Abdulaziz, a 27-year-old Saudi Arabian dissident, can still remember the time Jamal Khashoggi, the storied Saudi journalist, unfollowed him on Twitter. It was in 2015, and Khashoggi had been tapped to head a new TV network called Al-Arab, a partnership between a member of the royal family and Bloomberg. Abdulaziz started haranguing Khashoggi online, demanding that the network provide a platform for genuine critics of the Saudi regime. “He got so mad at me,” Abdulaziz recalled in a (...)

    #NSO #smartphone #spyware #écoutes #activisme #journalisme #surveillance #CitizenLab

  • How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil

    Following a Citizen Lab report that identified the presence of NSO’s Pegasus spyware technology in Quebec, researchers contacted Omar Abdulaziz, a Saudi Arabian dissident and Canadian permanent resident who has long been critical of the regime in Riyadh. After an extensive investigation, they discovered that his phone had been targeted with this powerful spyware and the operators of the technology were linked to Saudi Arabia’s government and security (...)

    #NSO #smartphone #Pegasus #spyware #activisme #surveillance #écoutes

  • HIDE AND SEEK Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries

    In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations. 1. Executive Summary Israel-based “Cyber Warfare” vendor NSO Group produces and sells a mobile phone spyware suite called Pegasus. To monitor a target, a government operator of Pegasus must convince the target to click on a specially crafted exploit link, which, when clicked, delivers a chain of zero-day exploits to penetrate (...)

    #NSO #smartphone #Pegasus #spyware #écoutes #exportation #sécuritaire #activisme #web (...)


  • Une société israélienne accusée d’avoir aidé les EAU à espionner Hariri et le Qatar

    Le gouvernement des Emirats arabes unis a utilisé une technologie de piratage téléphonique israélienne afin d’espionner ses rivaux politiques et régionaux ainsi que des membres des médias. La société israélienne aurait elle-même participé aux cyber-attaques, a rapporté vendredi le New York Times. NSO Group, basé à Herzliya, a utilisé son controversé logiciel espion Pegasus afin de transformer les smartphones en appareils d’écoute. Afin de vendre Pegasus aux Émirats arabes unis, le NY Times a noté que la (...)

    #NSO #smartphone #spyware #écoutes #sécuritaire #exportation #surveillance

  • Hacking a Prince, an Emir and a Journalist to Impress a Client

    The rulers of the United Arab Emirates had been using Israeli spyware for more than a year, secretly turning the smartphones of dissidents at home or rivals abroad into surveillance devices. So when top Emirati officials were offered a pricey update of the spying technology, they wanted to make sure it worked, according to leaked emails submitted Thursday in two lawsuits against the spyware’s maker, the Israel-based NSO Group. Could the company secretly record the phones of the emir of (...)

    #NSO #smartphone #spyware #écoutes #exportation #sécuritaire #surveillance

  • Le personnel d’#Amnesty_International cible de logiciels malveillants | Amnesty International

    Début juin 2018, un membre du personnel d’Amnesty International a reçu un message WhatsApp suspect rédigé en arabe. Ce texte comportait des informations détaillées au sujet d’une prétendue manifestation devant l’ambassade d’#Arabie_saoudite à Washington, et un lien vers un site Internet. Les investigations menées par les informaticiens d’Amnesty International ont montré que le fait de cliquer sur ce lien aurait, d’après leurs connaissances préalables, installé un « #Pegasus », qui est un outil de #surveillance sophistiqué créé par l’entreprise #NSO Group, basée en #Israël.

    How Israeli spyware tried to hack an Amnesty activist’s phone

    NSO, founded in 2010 by former Israeli intelligence officials...

  • Acheteurs, attention : cette société israélienne aide les gouvernements à espionner leurs citoyens | Middle East Eye

    Alors que les #smartphones ont proliféré au cours des dernières années et sont devenus des outils de communication indispensables pour nous tous, les #start-ups spécialisées dans le piratage de ces #téléphones au nom de gouvernements – notamment des services militaires, de renseignement et de police – se sont également multipliées.

    Les clients de ces start-ups se servent des nouvelles %technologies pour surveiller les criminels et les terroristes afin de détecter et de perturber leurs plans. C’est un usage légitime. Mais il y en a d’autres qui sont beaucoup plus lucratifs pour les entreprises – et beaucoup moins convenables pour des sociétés transparentes.

    Prenons l’exemple de l’activiste des droits de l’homme émirati Ahmed Mansour. En août 2016, il a reçu un message de #hameçonnage semblant provenir d’une source légitime. Il s’est toutefois montré méfiant et a immédiatement envoyé son téléphone au #Citizen_Lab de l’université de Toronto pour une analyse légale.

    Il est ressorti de cette analyse que les autorités émiraties avaient acheté #Pegasus, le plus puissant programme malveillant jamais créé et mis sur le marché, à la société israélienne #NSO_Group.

    Si Mansour avait ouvert le lien, ce programme aurait pris le contrôle de son téléphone et donné à la police accès non seulement à tous les éléments de son téléphone (e-mails, contacts et SMS, par exemple), mais aussi à son appareil photo et à ses fonctionnalités vidéo et audio. La police aurait entendu et vu tous ses faits et gestes et aurait pu anticiper toutes ses actions.

    #emirats_arabes_unis #e.a.u. #israel #Israël

  • Etudiants disparus au Mexique : les experts internationaux ciblés par un logiciel espion

    Ils ont notamment enquêté sur la disparition de 43 étudiants en 2014, et accusé le gouvernement d’avoir fait obstruction à leur travail. Les autorités mexicaines ont-elles outrepassé leurs pouvoirs pour contrecarrer une enquête ? Lundi 10 juillet, les chercheurs canadiens du Citizen Lab, un laboratoire de l’université de Toronto spécialisé dans la surveillance numérique, ont révélé des tentatives d’espionnage visant des experts indépendants enquêtant notamment sur le gouvernement. Après la disparition de (...)

    #NSO #Pegasus #spyware #exportation #sécuritaire #activisme #surveillance #écoutes (...)


  • Reckless III : Investigation Into Mexican Mass Disappearance Targeted with NSO Spyware

    This research note reveals that an international group of experts investigating the 2014 Iguala Mass Disappearance of 43 Mexican students were targeted with Pegasus, the government-exclusive commercial spyware made by NSO Group. NSO Group, the creator of the Pegasus spyware, is an Israeli company that describes their spyware product as designed for tracking criminals and terrorists. Notably, some have reported that it is re-branding as Q Cyber Technologies. Prior Citizen Lab reporting has (...)

    #NSO #Pegasus #spyware #écoutes #exportation #sécuritaire #activisme #surveillance (...)


  • Reckless Exploit : Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware

    In the past five years it has become increasingly clear that civil society is under threat from the misuse of powerful spyware tools exclusively sold to governments. Research has repeatedly shown how governments around the world use digital spying tools designed for criminal investigations and counterintelligence to target journalists, human rights defenders, and others. In August 2016, Citizen Lab released a report uncovering how United Arab Emirates (UAE) activist Ahmed Mansoor was (...)

    #NSO #spyware #journalisme #surveillance #CitizenLab

  • Surveillons la surve ://ance

    La revue de presse de Jonas@framasoft, qui paraît quand il a le temps. Épisode No 2/n Effacer n’est pas supprimer : votre #Historique de #safari demeure longtemps dans #iCloud (Source : Forbes) Si vous pensez que la suppression de votre historique de … Lire la suite­­

    #G.A.F.A.M. #Internet_et_société #Libertés_Numériques #Apple #Gmail #Navigation #NSO

  • How Spy Tech Firms Let Governments See Everything on a Smartphone

    Want to invisibly spy on 10 iPhone owners without their knowledge ? Gather their every keystroke, sound, message and location ? That will cost you $650,000, plus a $500,000 setup fee with an Israeli outfit called the NSO Group. You can spy on more people if you would like — just check out the company’s price list. The NSO Group is one of a number of companies that sell surveillance tools that can capture all the activity on a smartphone, like a user’s location and personal contacts. These (...)

    #Apple #smartphone #iPhone #écoutes #géolocalisation #clavier #NSO_Group #spyware

  • The UAE Spends Big on Israeli Spyware to Listen In on a Dissident | Foreign Policy

    In attacking the iPhone of human rights defender Ahmed Mansour, the Emirati government reportedly bought a rare, zero-day, Israeli exploit of Apple’s iOS.

    When a government seeks to rein in a political opponent by listening in on his calls, reading his text messages, and spying on his meetings, how do they go about doing so? In the case of the United Arab Emirates and pro-democracy activist Ahmed Mansoor, they sent him a short text message.

    New secrets about torture of Emiratis in state prisons,” the Aug. 10 and 11 SMS messages to Mansoor read. The texts included a link, and had Mansoor clicked it, his phone would have turned into a powerful surveillance tool for an entity that researchers believe is the Emirati government. #Pegasus, the software used against Mansoor, allows its operator to record phone calls and intercept text messages, including those made or sent on nominally encrypted apps such as Viber and WhatsApp. It can mine contact books and read emails. The software can also track its subject’s movements and even remotely turn on the phone’s camera and microphone.
    It is unclear how much money the UAE purportedly paid to the shadowy Israeli firm that created Pegasus, the #NSO_Group, but Marczak said it was likely that the firm’s contract with the Gulf nation was in the range of $10 million to $15 million. The size of that contract, he added, would depend on how many targets the UAE would have hired NSO to surveil.

    NSO reportedly sells its surveillance tools to governments around the world, and the UAE appears to be one of its biggest clients, judging by the company’s use of Emirati domains. Citizen Lab also documented the use of Pegasus in countries like Mexico, where it was used to target a Mexican journalist.

    The Pegasus software utilized a chain of three zero days in Apple’s mobile operating system to turn iPhones into highly capable, multifunction surveillance tools.

  • The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender

    We recognized the links as belonging to an exploit infrastructure connected to #NSO_Group, an Israel-based “cyber war” company that sells #Pegasus, a government-exclusive “lawful intercept” spyware product. NSO Group is reportedly owned by an American venture capital firm, #Francisco_Partners_Management.

    #flagrant_délit #médias_dominants #mensonge_par_omission #lemonde

    lemonde :

    L’identité et l’activité de la cible, le prix qu’il a fallu dépenser et le fournisseur du logiciel espion ne laissent guère place au doute, selon #Citizen_Labs : le commanditaire est très certainement le gouvernement émirati.



    Everything We Know About NSO Group: The Professional Spies Who Hacked iPhones With A Single Text

    #espionnage #apple #droits_de_l'humain #Ahmed_Mansoor #lanceur_d'alerte

    • June 20, 2016
      Francisco Partners et Elliott Management acquièrent Dell Software Group

      “La vraie passion pour la technologie et la solide expérience de Francisco Partners et Elliott Management à développer des entreprises de logiciel permettra aux employés de Dell Software de continuer à promouvoir l’innovation,” a déclaré Tom Sweet, vice-président senior et directeur financier, Dell. “Nous nous réjouissons de continuer à travailler en étroite collaboration avec les équipes de Francisco Partners et Elliott Management pour améliorer encore les relations déjà grandes que Dell Software a avec ses clients et partenaires.”

      La gamme complète de solutions logicielles de Dell Software couvrent un certain nombre de domaines essentiels pour l’entreprise moderne comprenant des systèmes d’analyse avancée, la gestion de base de données, la protection des données, la gestion des postes clients, la gestion des identités et des accès, la gestion des plateformes Microsoft, la sécurité des réseaux et le suivi de performance. Grâce aux solutions de Dell Software, les organisations de toutes tailles peuvent mieux sécuriser, gérer, surveiller, protéger et analyser les informations et les infrastructures afin d’accélérer l’innovation et leur modernisation.

    • WP :
      Industry Private Equity
      Founded 1999
      Founders David Stanton, Dipanjan Deb, Benjamin Ball, Neil Garfinkel, Sanford R. “Sandy” Robertson

      Newly elected members of the #Stanford_University Board of Trustees are, clockwise from upper left, Mary Barra, #Dipanjan_DJ_Deb, Christy MacLear and Bradley A. Geier. (Courtesy Board of Trustees)