#nso

NSO Group / Q Cyber Technologies
Citizen Lab, le 29 octobre 2019
▻https://citizenlab.ca/2019/10/nso-q-cyber-technologies-100-new-abuse-cases

https://citizenlab.ca/wp-content/themes/citizenlab-1.9.8/library/images/CL-logo-3-headed.png

As part of our investigation into the [Whatsapp] incident, Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East, and North America that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses.

Other vectors used in prior cases of NSO targeting include tricking targets into clicking on a link using social engineering. For example, in 2017, the wife of a murdered Mexican journalist was sent alarming text messages concerning her husband’s murder, designed to trick her into clicking on a link and infecting her phone with the Pegasus spyware. In 2018, a close confidant of Jamal Khashoggi was targeted in Canada with a fake package notification, resulting in the infection of his iPhone. Citizen Lab has tracked more than two dozen cases using similar techniques.

#Palestine #israel #NSO #Pegasus #surveillance #Jamal_Khashoggi #Javier_Valdez

New report shows 100+ members of civil society targeted as NSO Group continues to evade scrutiny
▻https://www.accessnow.org/new-report-shows-100-members-of-civil-society-targeted-as-nso-group-conti

In May this year, we published an article detailing a WhatsApp breach where the secure messaging app was found to be vulnerable to a specific type of attack by malicious actors. Today, on the back of a lengthy investigation by WhatsApp and our friends at Citizen Lab, we are finally learning more about who the targets of those attacks were and how they were carried out. The joint investigation revealed that a total of 1400+ individuals were targeted, out of whom over 100 have already been (...)

#NSO #Facebook #WhatsApp #smartphone #Pegasus #spyware #activisme #journalisme #écoutes #hacking #surveillance (...)

##AccessNow

https://www.accessnow.org/cms/assets/uploads/2017/07/Blackstone-NSO-campaign-header-01-e1542217790273.jpg

NSO, l’espionnage tous azimuts
▻https://www.liberation.fr/planete/2019/10/31/nso-l-espionnage-tous-azimuts_1760866

Selon Reuters, le logiciel Pegasus développé par la sulfureuse entreprise israélienne, dénoncé pour avoir servi à surveiller des militants des droits de l’homme et des opposants politiques, a aussi été utilisé pour cibler « de hauts responsables gouvernementaux » dans une vingtaine de pays. La recension publique des états de service de l’entreprise israélienne NSO Group, « pépite » de la « start-up nation » du Proche-Orient en matière de logiciels espions, continue de s’enrichir. Ce jeudi, Reuters affirme en (...)

#NSO #WhatsApp #Pegasus #smartphone #spyware #activisme #journalisme #écoutes #hacking #surveillance #AmnestyInternational (...)

##CitizenLab

https://medias.liberation.fr/photo/1265652-afp_1lu50pjpg.jpg

WhatsApp dépose une plainte contre l’entreprise israélienne NSO Group, accusée d’espionnage
▻https://www.lemonde.fr/pixels/article/2019/10/30/whatsapp-depose-une-plainte-contre-l-entreprise-israelienne-nso-group-accuse

NSO Groupe aurait directement contribué à une série d’appels « infectés », qui ont ciblé des militants des droits de l’homme et des journalistes en exploitant une faille de l’application, dénonce le dirigeant de WhatsApp. WhatsApp, l’une des applications de messagerie les plus populaires au monde, propriété de Facebook depuis 2014, a annoncé, mardi 29 octobre, avoir déposé plainte contre NSO Group, une société israélienne spécialisée dans les logiciels d’espionnage. WhatsApp l’accuse d’avoir contribué au (...)

#NSO #Facebook #WhatsApp #cryptage #Pegasus #spyware #écoutes #hacking #surveillance #activisme #journalisme (...)

##CitizenLab

https://img.lemde.fr/2019/07/12/132/0/3000/1498/1440/720/60/0/ace90ce_mFobkiShlOzbr9A44SHPxF8S.jpg

WhatsApp poursuit une société d’espionnage israélienne
▻https://www.lapresse.ca/affaires/techno/201910/29/01-5247467-whatsapp-poursuit-une-societe-despionnage-israelienne.php

WhatsApp a déposé plainte contre NSO Group, une société israélienne à la réputation sulfureuse, spécialisée dans les logiciels d’espionnage et accusée d’aider des gouvernements, du Moyen-Orient au Mexique, à épier des militants et des journalistes. L’application de messagerie cryptée détenue par Facebook avait admis en mai avoir été infectée par un logiciel espion donnant accès au contenu des téléphones portables. « Après des mois d’enquête, nous pouvons dire qui a mené cette attaque », a déclaré Will (...)

#NSO #Facebook #WhatsApp #cryptage #Android #iPhone #Pegasus #smartphone #spyware #activisme #journalisme #écoutes (...)

##surveillance

https://mobile-img.lpcdn.ca/lpca/924x/r3996/6e6093ce-fa87-11e9-a65c-0eda3a42da3c.jpg

Facebook Sues Israel’s NSO Group Over Alleged WhatsApp Hack
▻https://www.haaretz.com/israel-news/facebook-sues-israel-s-nso-group-over-alleged-whatsapp-hack-1.8055832

Facebook is seeking to have NSO barred from accessing or attempting to access WhatsApp and Facebook’s services after hacking spree that targeted journalists, diplomats, activists and others Facebook Inc. on Tuesday sued Israeli cyber surveillance firm NSO Group, alleging it hacked users of messaging platform WhatsApp earlier this year. The hacking spree targeted journalists, diplomats, human rights activists, senior government officials and others, Facebook said in its lawsuit, filed in (...)

#NSO #WhatsApp #Facebook #Pegasus #smartphone #spyware #écoutes #hacking #surveillance #activisme #journalisme (...)

##AmnestyInternational

https://www.haaretz.com/polopoly_fs/1.8055849.1572378046!/image/2772380254.jpg_gen/derivatives/headline_1200x630/2772380254.jpg

#Maroc maintenant !

Des défenseurs des droits humains marocains ciblés par un logiciel espion malveillant de l’entreprise israélienne NSO
Amnesty International, le 10 octobre 2019
▻https://www.amnesty.org/fr/latest/news/2019/10/moroccan-human-rights-defenders-targeted-using-malicious-nso-israeli-spywar

Soumettre les contestataires et militant·e·s pacifiques qui dénoncent le bilan du Maroc en matière de droits humains à des actes de harcèlement ou d’intimidation au moyen d’une surveillance informatique invasive constitue une violation épouvantable de leurs droits à la vie privée et à la liberté d’expression.

#Palestine #israel #NSO #Pegasus #surveillance #Jamal_Khashoggi

Is NSO Group’s infamous Pegasus spyware being traded through the EU ?
▻https://www.accessnow.org/is-nso-groups-infamous-pegasus-spyware-being-traded-through-the-eu

When sophisticated surveillance systems are sold and used effectively without constraint, it puts civil society, free expression, and our democracies in the crosshairs. The brutal murder of Saudi journalist Jamal Khashoggi remains a grim reminder of the vulnerability of those speaking out for human rights. In the European Union, there are export controls designed to prevent sales of these kinds of systems to certain countries with troubling human rights records. The question is, how well (...)

#NSO #Pegasus #spyware #exportation #activisme #sécuritaire #hacking #surveillance #journalisme #web (...)

##NovalpinaCapital

https://www.accessnow.org/cms/assets/uploads/2017/07/Blackstone-NSO-campaign-header-01-e1542217790273.jpg

Border Patrol, Israel’s Elbit Put Reservation Under Surveillance
►https://theintercept.com/2019/08/25/border-patrol-israel-elbit-surveillance

https://theintercept.imgix.net/wp-uploads/sites/1/2019/08/elbit-final-1566502564.jpg?auto=compress%2Cformat&q=90&fit=crop&w=1200&h=800

Fueled by the growing demonization of migrants, as well as ongoing fears of foreign terrorism, the U.S. borderlands have become laboratories for new systems of enforcement and control. Firsthand reporting, interviews, and a review of documents for this story provide a window into the high-tech surveillance apparatus CBP is building in the name of deterring illicit migration — and highlight how these same systems often end up targeting other marginalized populations as well as political dissidents.

https://theintercept.imgix.net/wp-uploads/sites/1/2019/08/elbit-1566616918.jpg?auto=compress%2Cformat&q=90

#surveillance #frontières #laboratoire #États-Unis #Israël #peuples_premiers

The U.S. Border Patrol and an Israeli Military Contractor Are Putting a Native American Reservation Under “Persistent Surveillance”
►https://theintercept.com/2019/08/25/border-patrol-israel-elbit-surveillance

On the southwestern end of the Tohono O’odham Nation’s reservation, roughly 1 mile from a barbed-wire barricade marking Arizona’s border with the Mexican state of Sonora, Ofelia Rivas leads me to the base of a hill overlooking her home. A U.S. Border Patrol truck is parked roughly 200 yards upslope. A small black mast mounted with cameras and sensors is positioned on a trailer hitched to the truck. For Rivas, the Border Patrol’s monitoring of the reservation has been a grim aspect of everyday (...)

#Elbit #CBP #CCTV #vidéo-surveillance #exportation #sécuritaire #surveillance #frontières

https://theintercept.imgix.net/wp-uploads/sites/1/2019/08/elbit-final-1566502564.jpg

Israel eases rules on cyber weapons exports despite criticism
August 22, 2019 - Reuters
▻https://www.reuters.com/article/us-israel-hackers-idUSKCN1VC0XQ

TEL AVIV (Reuters) - Israel is easing export rules on offensive cyber weapons, despite accusations by human rights and privacy groups that its technologies are used by some governments to spy on political foes and crush dissent. (...)

#cyberespionnage

Israeli group’s spyware ‘offers keys to Big Tech’s cloud’, Financial Time, Mehul Srivastava and Tim Bradshaw, July 19, 2019
▻https://www.ft.com/content/95b91412-a946-11e9-b6ee-3cdf3174eb89

Company’s sales pitch claimed technology can access data from Apple, Google, Facebook and Amazon
NSO Group’s malware, nicknamed Pegasus, has been used by spy agencies and governments to harvest data from smartphones
The Israeli company whose spyware hacked WhatsApp has told buyers its technology can surreptitiously scrape all of an individual’s data from the servers of Apple, Google, Facebook, Amazon and Microsoft, according to people familiar with its sales pitch.[...]

▻http://com.ft.imagepublish.upp-prod-us.s3.amazonaws.com/8e34254a-a9a2-11e9-b6ee-3cdf3174eb89

WhatsApp, faille que vaille
▻https://www.liberation.fr/futurs/2019/08/01/whatsapp-faille-que-vaille_1743216

Fake news, contrôle des données, cyberguerre... Retour sur la face sombre de nos vies numériques. Aujourd’hui, Facebook dépassé par un logiciel espion. Sur votre téléphone intelligent, ouvrez l’application WhatsApp. La messagerie qui appartient à Facebook revendiquant un milliard et demi d’utilisateurs dans le monde, il y a de fortes chances que vous l’ayez installée. Commencez une nouvelle conversation et observez ce message : « Les messages envoyés dans cette discussion et les appels sont désormais (...)

#NSO #NSA #WhatsApp #Facebook #malware #Pegasus #smartphone #écoutes #exportation #activisme #sécuritaire #hacking #surveillance #journalisme #Amnesty (...)

##CitizenLab

https://medias.liberation.fr/photo/1240262-dorotherichard-06jpg.jpg

Pegasus 2.0 : un (onéreux) malware pour voler les données des utilisateurs stockées dans le cloud
▻https://cyberguerre.numerama.com/1589-pegasus-2-0-un-onereux-malware-pour-voler-les-donnees-des

Sur la base de documents fournis par des sources proches du dossier, le Financial Times révèle l’existence d’un malware capable de dérober les données d’un utilisateur stockées dans les serveurs des géants du web. Le logiciel malveillant en question n’est autre qu’une évolution de Pegasus, célèbre malware conçu par le NSO Group et utilisé par les agences gouvernementales. En mai dernier, une importante faille de sécurité nichée dans les systèmes de WhatsApp a été mise au jour. Une vulnérabilité notamment (...)

#NSO #malware #Pegasus #cloud #hacking

//c2.lestechnophiles.com/cyberguerre.numerama.com//content/uploads/sites/2/2019/07/daniel-pascoa-pCvCDub8ieI-unsplash.jpg

Des #hackers de haut niveau percés à jour par une commande de #houmous | korii.
▻https://korii.slate.fr/et-caetera/houmous-oute-hackers-haut-niveau-candiru-nso

Pegasus, ce logiciel israélien dont les gouvernements sont friands pour espionner leurs opposants
►https://www.bastamag.net/Khashoggi-Mansoor-Whatsapp-espionnage-spyware-Pegasus-droits-humains-oppos

Elle est accusée d’être mêlée à l’affaire Khashoggi, d’être responsable du hackage de Whatsapp révélé il y a peu, l’un de ses logiciels espions est utilisé pour surveiller des défenseurs des droits humains un peu partout dans le monde… Amnesty International la qualifie d’« entreprise incontournable pour les violeurs des droits humains ». La société israélienne NSO Group est la cible d’actions en #Justice pour avoir fabriqué et vendu un spyware à des gouvernements qui l’utilisent pour surveiller dissidents et (...)

#Décrypter

/ A la une, #Proche_et_Moyen_Orient, Surveillance, fichage, censure : la démocratie en danger ?, Justice, #Atteintes_aux_libertés, Surveillance et (...)

#Surveillance,fichage,_censure:la_démocratie_en_danger ? #Surveillance_et_biométrie

Vous avez entendu parler de ces compagnies israéliennes régulièrement montrées du doigt parce que participant à l’espionnage ou au piégeage d’appareils électroniques à des fins politiques.

L’une d’entre elles est NSO, pour le logiciel Pegasus, lié à l’assassinat de Jamal Khashoggi et à l’espionnage d’Amnesty International, mais aussi à d’autres saloperies au Mexique, au Panama etc.

On trouve parmi les actionnaires principaux de NSO, le couple formé du Britannique Stephen Peel et de sa femme, la Canadienne Yana Peel. Lui était membre du conseil d’administration de Global Witness, une organisation de défense des droits humains (!), et elle était la présidente du conseil d’administration d’une grande galerie d’art internationale, Serpentine Galleries.

Dénoncé par des militants, il a du démissionner en février dernier. Quant à elle, le Guardian ayant rendu ces fait publiquement la semaine dernière, elle a également été poussée à la démission.

Stephen Peel has stepped down as a member of the Global Witness Board
Global Witness, le 18 février 2019
▻https://www.globalwitness.org/en/press-releases/stephen-peel-has-stepped-down-member-global-witness-board

UK rights advocate co-owns firm whose spyware is ’used to target dissidents’
Jon Swaine et Stephanie Kirchgaessner, The Guardian, le 14 juin 2019
▻https://seenthis.net/messages/787319

Serpentine Galleries Chief Quits, With Harsh Words for Activist Artists
Alex Marshall, The New-York Times, le 18 juin
▻https://www.nytimes.com/2019/06/18/arts/design/serpentine-galleries-ceo-resigns.html

#Palestine #israel #NSO #Pegasus #surveillance #Jamal_Khashoggi #Stephen_Peel #Yana_Peel #Global_Witness #Serpentine

Saudi Arabia accused of hacking London-based dissident
▻https://www.theguardian.com/world/2019/may/28/saudi-arabia-accused-of-hacking-london-based-dissident-ghanem-almasarir

Kingdom targeted satirist Ghanem Almasarir with Israeli malware, letter of claim alleges Saudi Arabia has been accused of launching a sophisticated hacking attack against a prominent dissident in London who is allegedly living under police protection, according to a letter of claim that has been sent to the kingdom and seen by the Guardian. The letter of claim, which was delivered to the Saudi embassy in London on Tuesday, was sent on behalf of the Saudi satirist Ghanem Almasarir, and (...)

#NSO #WhatsApp #Pegasus #spyware #activisme #écoutes #surveillance

▻https://i.guim.co.uk/img/media/92cc4b3a33ee8e265d9e3c8eafe51323645dbae3/0_103_3000_1800/master/3000.jpg

Une faille de sécurité de WhatsApp utilisée pour installer un logiciel espion israélien
►https://www.lemonde.fr/pixels/article/2019/05/14/une-faille-de-securite-de-whatsapp-utilisee-pour-installer-un-logiciel-espio

WhatsApp a annoncé avoir corrigé la faille, et plusieurs ONG veulent porter plainte contre l’éditeur du logiciel, NSO group. Une importante faille de sécurité touchant la fonction « appel téléphonique » de WhatsApp a été corrigée lundi 13 mai, a annoncé l’entreprise, propriété de Facebook. La faille pouvait permettre d’installer, à l’insu de l’utilisateur, un logiciel espion sur son téléphone, si l’utilisateur ne décrochait pas lorsqu’il recevait l’appel « infecté ». Difficile à détecter, la faille de (...)

#NSO #WhatsApp #Pegasus #spyware #géolocalisation #activisme #écoutes #sécuritaire #surveillance #CitizenLab (...)

##Amnesty

https://img.lemde.fr/2019/05/14/376/0/4500/2250/1440/720/60/0/48c0bc5_d3c4acbf0d5e4cac89b31d20628adf10-d3c4acbf0d5e4cac89b31d20628adf10-0.jpg

Interview with CEO of NSO Group – Israeli spyware-maker – on fighting terror, Khashoggi murder, and Saudi Arabia - 60 Minutes - CBS News
▻https://www.cbsnews.com/news/interview-with-ceo-of-nso-group-israeli-spyware-maker-on-fighting-terror-kh

https://cbsnews2.cbsistatic.com/hub/i/r/2019/03/22/e98dc21c-7c98-4176-9472-adbb1e0b3761/thumbnail/1200x630/05ff4c2852883793bbe7618565590d54/shalev-int-cu.jpg

Tonight we’ll take you inside the growing, shadowy global market of cyber espionage. We looked specifically at a controversial Israeli company called the NSO Group, valued at nearly a billion dollars, that says it developed a hacking tool that can break into just about any smartphone on Earth.

NSO licenses this software, called Pegasus, to intelligence and law enforcement agencies worldwide, so they can infiltrate the encrypted phones and apps of criminals and terrorists. Problem is this same tool can also be deployed by a government to crush dissent. And so it is that Pegasus has been linked to human rights abuses, unethical surveillance, and even to the notoriously brutal murder of the Saudi Arabian critic Jamal Khashoggi.

Headquartered in the Israeli city of Herzliya, NSO Group operates in strict secrecy. But co-founder and CEO, Shalev Hulio, has been forced out of the shadows and not into a good light, accused of selling Pegasus to Saudi Arabia despite its abysmal record on human rights.

Lesley Stahl: And the word is that you sold Pegasus to them, and then they turned it around to get Khashoggi.

Shalev Hulio: Khashoggi murder is horrible. Really horrible. And therefore, when I first heard there are accusations that our technology been used on Jamal Khashoggi or on his relatives, I started an immediate check about it. And I can tell you very clear, we had nothing to do with this horrible murder.

#NSO organise sa défense dans l’affaire #kashoggi ?

Undercover agents target cybersecurity watchdog who detailed Israeli firm NSO’s link to #Khashoggi scandal
Haaretz.Com
▻https://www.haaretz.com/misc/article-print-page/.premium-undercover-agents-target-watchdog-who-detailed-israeli-firm-nso-s-

Operatives with fake identities are pursuing members of #Citizen_Lab, the group that uncovered the connection between Jamal Khashoggi’s murder and Israel’s surveillance company #NSO
The Associated Press | Jan. 26, 2019 | 4:19 PM

The researchers who reported that Israeli software was used to spy on Washington Post journalist Jamal Khashoggi’s inner circle before his gruesome death are being targeted in turn by international undercover operatives, The Associated Press has found.

Twice in the past two months, men masquerading as socially conscious investors have lured members of the Citizen Lab internet watchdog group to meetings at luxury hotels to quiz them for hours about their work exposing Israeli surveillance and the details of their personal lives. In both cases, the researchers believe they were secretly recorded.

Citizen Lab Director Ron Deibert described the stunts as “a new low.”

“We condemn these sinister, underhanded activities in the strongest possible terms,” he said in a statement Friday. “Such a deceitful attack on an academic group like the Citizen Lab is an attack on academic freedom everywhere.”

Who these operatives are working for remains a riddle, but their tactics recall those of private investigators who assume elaborate false identities to gather intelligence or compromising material on critics of powerful figures in government or business.

Citizen Lab, based out of the Munk School of Global Affairs at the University of Toronto, has for years played a leading role in exposing state-backed hackers operating in places as far afield as Tibet , Ethiopia and Syria . Lately the group has drawn attention for its repeated exposés of an Israeli surveillance software vendor called the NSO Group, a firm whose wares have been used by governments to target journalists in Mexico , opposition figures in Panama and human rights activists in the Middle East .

In October, Citizen Lab reported that an iPhone belonging to one of Khashoggi’s confidantes had been infected by the NSO’s signature spy software only months before Khashoggi’s grisly murder. The friend, Saudi dissident Omar Abdulaziz, would later claim that the hacking had exposed Khashoggi’s private criticisms of the Saudi royal family to the Arab kingdom’s spies and thus “played a major role” in his death.

In a statement, NSO denied having anything to do with the undercover operations targeting Citizen Lab, “either directly or indirectly” and said it had neither hired nor asked anyone to hire private investigators to pursue the Canadian organization. “Any suggestion to the contrary is factually incorrect and nothing more than baseless speculation,” NSO said.

NSO has long denied that its software was used to target Khashoggi, although it has refused to comment when asked whether it has sold its software to the Saudi government more generally.

The first message reached Bahr Abdul Razzak, a Syrian refugee who works as a Citizen Lab researcher, Dec. 6, when a man calling himself Gary Bowman got in touch via LinkedIn. The man described himself as a South African financial technology executive based in Madrid.

“I came across your profile and think that the work you’ve done helping Syrian refugees and your extensive technical background could be a great fit for our new initiative,” Bowman wrote.

Abdul Razzak said he thought the proposal was a bit odd, but he eventually agreed to meet the man at Toronto’s swanky Shangri-La Hotel on the morning of Dec. 18.

The conversation got weird very quickly, Abdul Razzak said.

Instead of talking about refugees, Abdul Razzak said, Bowman grilled him about his work for Citizen Lab and its investigations into the use of NSO’s software. Abdul Razzak said Bowman appeared to be reading off cue cards, asking him if he was earning enough money and throwing out pointed questions about Israel, the war in Syria and Abdul Razzak’s religiosity.

“Do you pray?” Abdul Razzak recalled Bowman asking. “Why do you write only about NSO?” ’’Do you write about it because it’s an Israeli company?" ’’Do you hate #Israel?"

Abdul Razzak said he emerged from the meeting feeling shaken. He alerted his Citizen Lab colleagues, who quickly determined that the breakfast get-together had been a ruse. Bowman’s supposed Madrid-based company, FlameTech, had no web presence beyond a LinkedIn page, a handful of social media profiles and an entry in the business information platform Crunchbase. A reverse image search revealed that the profile picture of the man listed as FlameTech’s chief executive, Mauricio Alonso, was a stock photograph.

“My immediate gut feeling was: ’This is a fake,’” said John Scott-Railton, one of Abdul Razzak’s colleagues.

Scott-Railton flagged the incident to the AP, which confirmed that FlameTech was a digital facade.

Searches of the Orbis database of corporate records, which has data on some 300 million global companies, turned up no evidence of a Spanish firm called FlameTech or Flame Tech or any company anywhere in the world matching its description. Similarly, the AP found no record of FlameTech in Madrid’s official registry or of a Gary Bowman in the city’s telephone listings. An Orbis search for Alonso, the supposed chief executive, also drew a blank. When an AP reporter visited Madrid’s Crystal Tower high-rise, where FlameTech claimed to have 250 sq. meters (2,700 sq. feet) of office space, he could find no trace of the firm and calls to the number listed on its website went unanswered.

The AP was about to publish a story about the curious company when, on Jan. 9, Scott-Railton received an intriguing message of his own.

This time the contact came not from Bowman of FlameTech but from someone who identified himself as Michel Lambert, a director at the Paris-based agricultural technology firm CPW-Consulting.

Lambert had done his homework. In his introductory email , he referred to Scott-Railton’s early doctoral research on kite aerial photography — a mapping technique using kite-mounted cameras — and said he was “quite impressed.

We have a few projects and clients coming up that could significantly benefit from implementing Kite Aerial Photography,” he said.

Like FlameTech, CPW-Consulting was a fiction. Searches of Orbis and the French commercial court registry Infogreffe turned up no trace of the supposedly Paris-based company or indeed of any Paris-based company bearing the acronym CPW. And when the AP visited CPW’s alleged office there was no evidence of the company; the address was home to a mainly residential apartment building. Residents and the building’s caretaker said they had never heard of the firm.

Whoever dreamed up CPW had taken steps to ensure the illusion survived a casual web search, but even those efforts didn’t bear much scrutiny. The company had issued a help wanted ad, for example, seeking a digital mapping specialist for their Paris office, but Scott-Railton discovered that the language had been lifted almost word-for-word from an ad from an unrelated company seeking a mapping specialist in London. A blog post touted CPW as a major player in Africa, but an examination of the author’s profile suggests the article was the only one the blogger had ever written.

When Lambert suggested an in-person meeting in New York during a Jan. 19 phone call , Scott-Railton felt certain that Lambert was trying to set him up.

But Scott-Railton agreed to the meeting. He planned to lay a trap of his own.

Anyone watching Scott-Railton and Lambert laughing over wagyu beef and lobster bisque at the Peninsula Hotel’s upscale restaurant on Thursday afternoon might have mistaken the pair for friends.

In fact, the lunch was Spy vs. Spy. Scott-Railton had spent the night before trying to secret a homemade camera into his tie, he later told AP, eventually settling for a GoPro action camera and several recording devices hidden about his person. On the table, Lambert had placed a large pen in which Scott-Railton said he spotted a tiny camera lens peeking out from an opening in the top.

Lambert didn’t seem to be alone. At the beginning of the meal, a man sat behind him, holding up his phone as if to take pictures and then abruptly left the restaurant, having eaten nothing. Later, two or three men materialized at the bar and appeared to be monitoring proceedings.

Scott-Railton wasn’t alone either. A few tables away, two Associated Press journalists were making small talk as they waited for a signal from Scott-Railton, who had invited the reporters to observe the lunch from nearby and then interview Lambert near the end of the meal.

The conversation began with a discussion of kites, gossip about African politicians, and a detour through Scott-Railton’s family background. But Lambert, just like Bowman, eventually steered the talk to Citizen Lab and NSO.

“Work drama? Tell me, I like drama!” Lambert said at one point, according to Scott-Railton’s recording of the conversation. “Is there a big competition between the people inside Citizen Lab?” he asked later.

Like Bowman, Lambert appeared to be working off cue cards and occasionally made awkward conversational gambits. At one point he repeated a racist French expression, insisting it wasn’t offensive. He also asked Scott-Railton questions about the Holocaust, anti-Semitism and whether he grew up with any Jewish friends. At another point he asked whether there might not be a “racist element” to Citizen Lab’s interest in Israeli spyware.

After dessert arrived, the AP reporters approached Lambert at his table and asked him why his company didn’t seem to exist.
He seemed to stiffen.

“I know what I’m doing,” Lambert said, as he put his files — and his pen — into a bag. Then he stood up, bumped into a chair and walked off, saying “Ciao” and waving his hand, before returning because he had neglected to pay the bill.

As he paced around the restaurant waiting for the check, Lambert refused to answer questions about who he worked for or why no trace of his firm could be found.

“I don’t have to give you any explanation,” he said. He eventually retreated to a back room and closed the door.

Who Lambert and Bowman really are isn’t clear. Neither men returned emails, LinkedIn messages or phone calls. And despite their keen focus on NSO the AP has found no evidence of any link to the Israeli spyware merchant, which is adamant that it wasn’t involved.

The kind of aggressive investigative tactics used by the mystery men who targeted Citizen Lab have come under fire in the wake of the Harvey Weinstein sexual abuse scandal. Black Cube, an Israeli private investigation firm apologized after The New Yorker and other media outlets revealed that the company’s operatives had used subterfuge and dirty tricks to help the Hollywood mogul suppress allegations of rape and sexual assault.

Scott-Railton and Abdul Razzak said they didn’t want to speculate about who was involved. But both said they believed they were being steered toward making controversial comments that could be used to blacken Citizen Lab’s reputation.

“It could be they wanted me to say, ’Yes, I hate Israel,’ or ’Yes, Citizen Lab is against NSO because it’s Israeli,’” said Abdul Razzak.
Scott-Railton said the elaborate, multinational operation was gratifying, in a way.

“People were paid to fly to a city to sit you down to an expensive meal and try to convince you to say bad things about your work, your colleagues and your employer,” he said.

“That means that your work is important.”

Litigation and Other Formal Complaints Concerning Targeted Digital Surveillance and the Digital Surveillance Industry
▻https://citizenlab.ca/2018/12/litigation-and-other-formal-complaints-concerning-targeted-digital-survei

This is a living resource document providing links and descriptions to litigation and other formal complaints concerning digital surveillance and the digital surveillance industry. If you have additional resources to add to this document, please send to Siena Anstis : siena [at] citizen lab [dot] ca. This document was last updated on December 12, 2018.

#NSO #spyware #sécuritaire #activisme #web #surveillance #écoutes #CitizenLab #Gamma #FinFisher #FinSpy #AMESys #RSF #Amnesty #PrivacyInternational #Qosmos #Deep_Packet_Inspection_(DPI) #FIDH #LDH

##Deep_Packet_Inspection__DPI_

https://citizenlab.ca/wp-content/uploads/2018/04/citlab-cities-WP.jpg

Israeli cyber firm negotiated advanced attack capabilities sale with Saudis, Haaretz reveals

Just months before crown prince launched a purge against his opponents, NSO offered Saudi intelligence officials a system to hack into cellular phones ■ NSO: We abide the law, our products are used to combat crime and terrorism

►https://www.haaretz.com/israel-news/.premium-israeli-company-negotiated-to-sell-advanced-cybertech-to-the-saudi

The Israeli company NSO Group Technologies offered Saudi Arabia a system that hacks cellphones, a few months before Crown Prince Mohammed bin Salman began his purge of regime opponents, according to a complaint to the Israel Police now under investigation.
But NSO, whose development headquarters is in Herzliya, says that it has acted according to the law and its products are used in the fight against crime and terror.
To really understand Israel and the Middle East - subscribe to Haaretz
Either way, a Haaretz investigation based on testimony and photos, as well as travel and legal documents, reveals the Saudis’ behind-the-scenes attempts to buy Israeli technology.
In June 2017, a diverse group gathered in a hotel room in Vienna, a city between East and West that for decades has been a center for espionage, defense-procurement contacts and unofficial diplomatic meetings.
Keep updated: Sign up to our newsletter
Email* Sign up

Arriving at the hotel were Abdullah al-Malihi, a close associate of Prince Turki al-Faisal – a former head of Saudi Arabia’s intelligence services – and another senior Saudi official, Nasser al-Qahtani, who presented himself as the deputy of the current intelligence chief. Their interlocutors were two Israeli businessmen, representatives of NSO, who presented to the Saudis highly advanced technology.

>> Israel’s cyber-spy industry helps world dictators hunt dissidents and gays | Revealed
In 2017, NSO was avidly promoting its new technology, its Pegasus 3 software, an espionage tool so sophisticated that it does not depend on the victim clicking on a link before the phone is breached.
During the June 2017 meeting, NSO officials showed a PowerPoint presentation of the system’s capabilities. To demonstrate it, they asked Qahtani to go to a nearby mall, buy an iPhone and give them its number. During that meeting they showed how this was enough to hack into the new phone and record and photograph the participants in the meeting.
The meeting in Vienna wasn’t the first one between the two sides. Prime Minister Benjamin Netanyahu has recently expressed pride in the tightening ties with Gulf states, with Israel’s strength its technology. The message is clear: Israel is willing to sell these countries security-related technologies, and they forge closer ties with Israel in the strategic battle against Iran.
>> $6 billion of Iranian money: Why Israeli firm Black Cube really went after Obama’s team
According to the complaint, the affair began with a phone call received by a man identified as a European businessman with connections in the Gulf states. On the line was W., an Israeli dealing in defense-related technologies and who operates through Cyprus-based companies. (Many defense-related companies do business in Cyprus because of its favorable tax laws.) W. asked his European interlocutor to help him do business in the Gulf.

FILE Photo: Two of the founders of NSO, Shalev Julio and Omri Lavi.
Among the European businessman’s acquaintances were the two senior Saudi officials, Malihi and Qahtani.
On February 1, 2017, W. and the businessman met for the first time. The main topic was the marketing of cyberattack software. Unlike ordinary weapons systems, the price depends only on a customer’s eagerness to buy the system.
The following month, the European businessman traveled to a weapons exhibition in the United Arab Emirates, where a friend introduced him to Malihi, the Saudi businessman.
In April 2017, a meeting was arranged in Vienna between Malihi, Qahtani and representatives of Israeli companies. Two more meetings subsequently took place with officials of Israeli companies in which other Israelis were present. These meetings took place at the Four Seasons Hotel in Limassol, Cyprus, where Israeli cybercompanies often meet with foreign clients.
>> Snowden: Israeli firm’s spyware was used to track Khashoggi
The meetings were attended by W. and his son. They were apparently friendly: In photographs documenting one of them, W. and Qahtani are shown after a hunting trip, with the Saudi aiming a rifle at a dead animal.
In the Vienna meeting of April 2017, the Saudis presented a list of 23 systems they sought to acquire. Their main interest was cybersystems. For a few dozens of millions of dollars, they would be able to hack into the phones of regime opponents in Saudi Arabia and around the world and collect classified information about them.
According to the European businessman, the Saudis, already at the first meeting, passed along to the representatives of one of the companies details of a Twitter account of a person who had tweeted against the regime. They wanted to know who was behind the account, but the Israeli company refused to say.

Offices of Israeli NSO Group company in Herzliya, Israel, Aug. 25, 2016Daniella Cheslow/AP
In the June 2017 meeting, the Saudis expressed interest in NSO’s technology.
According to the European businessman, in July 2017 another meeting was held between the parties, the first at W.’s home in Cyprus. W. proposed selling Pegasus 3 software to the Saudis for $208 million.
Malihi subsequently contacted W. and invited him to Riyadh to present the software to members of the royal family. The department that oversees defense exports in Israel’s Defense Ministry and the ministry’s department for defense assistance, responsible for encouraging exports, refused to approve W.’s trip.
Using the initials for the defense assistance department, W. reportedly said “screw the D.A.” and chartered a small plane, taking with him NSO’s founder, Shalev Hulio, to the meetings in the Gulf. According to the European businessman, the pair were there for three days, beginning on July 18, 2017.
At these meetings, the European businessman said, an agreement was made to sell the Pegasus 3 to the Saudis for $55 million.
According to the European businessman, the details of the deal became known to him only through his contacts in the defense assistance department. He said he had agreed orally with W. that his commission in the deal would be 5 percent – $2.75 million.
But W. and his son stopped answering the European businessman’s phone calls. Later, the businessman told the police, he received an email from W.’s lawyer that contained a fake contract in which the company would agree to pay only his expenses and to consider whether to pay him a bonus if the deal went through.
The European businessman, assisted by an Israeli lawyer, filed a complaint in April 2018. He was questioned by the police’s national fraud squad and was told that the affair had been transferred to another unit specializing in such matters. Since then he has been contacted by the income tax authorities, who are apparently checking whether there has been any unreported income from the deal.
The European businessman’s claims seem to be substantiated by correspondence Haaretz has obtained between Cem Koksal, a Turkish businessman living in the UAE, and W.’s lawyers in Israel. The European businessman said in his complaint that Koksal was involved in mediating the deal.
In a letter sent by Koksal’s lawyer in February of this year, he demanded his portion from W. In a response letter, sent in early March, W.’s attorney denied the existence of the deal. The deal had not been signed, the letter claimed, due to Koksal’s negligence, therefore he was due no commission or compensation of any kind.
These issues have a wider context. From the claims by the European businessman and Koksal’s letter, it emerges that the deal was signed in the summer of 2017, a few months before Crown Prince Mohammed began his purge of regime opponents. During that purge, the Saudi regime arrested and tortured members of the royal family and Saudi businessmen accused of corruption. The Saudis also held Lebanese Prime Minister Saad al-Hariri for a few days in a Riyadh hotel.
In the following months the Saudis continued their hunt for regime opponents living abroad, which raised international attention only when the murder of journalist Jamal Khashoggi in the Saudi Consulate in Istanbul came to light in October.
It has recently been claimed that NSO helped the Saudi regime surveil its opponents. According to an article in Forbes magazine and reports from the Canadian cyber-related think tank Citizen Lab, among the surveillance targets were the satirist Ghanem Almasrir and human rights activist Yahya Asiri, who live in London, and Omar Abdulaziz, who lives in exile in Canada.
These three men were in contact with Khashoggi. Last month, Edward Snowden, who uncovered the classified surveillance program of the U.S. National Security Agency, claimed that Pegasus had been used by the Saudi authorities to surveil Khashoggi.
“They are the worst of the worst,” Snowden said of NSO, whose people he accused of aiding and abetting human rights violations.
NSO’s founders and chief executives are Omri Lavie and Shalev Hulio. The company is registered in Cyprus but its development headquarters is in Herzliya. In 2014 the company was sold to private equity firm Francisco Partners based on a valuation of $250 million.
Francisco Partners did not respond to Haaretz’s request for comment.
In May, Verint Systems offered to buy NSO for $1 billion, but the offer was rejected. The company is awash in cash. Earlier this month all its employees went on vacation in Phuket, Thailand. Netta Barzilai, Lior Suchard, the Ma Kashur Trio and the band Infected Mushroom were also flown there to entertain them.
The Pegasus system developed by NSO was a “one-click system,” meaning that the victim had to press on a link sent to him through phishing. The new system no longer requires this. Only the number of the SIM card is needed to hack into the phone. It’s unknown how Pegasus does this.
Technology sources believe that the technology either exploits breaches in the cellphone’s modem, the part that receives messages from the antenna, or security breaches in the apps installed on a phone. As soon as a phone is hacked, the speaker and camera can be used for recording conversations. Even encoded apps such as WhatsApp can be monitored.
NSO’s operations are extremely profitable.
The company, which conceals its client list, has been linked to countries that violate human rights. NSO says its products are used in the fight against crime and terror, but in certain countries the authorities identify anti-regime activists and journalists as terrorists and subject them to surveillance.
In 2012, NSO sold an earlier version of Pegasus to Mexico to help it combat the drug cartel in that country. According to the company, all its contracts include a clause specifically permitting the use of its software only to “investigate and prevent crime or acts of terror.” But The New York Times reported in 2016 that the Mexican authorities also surveilled journalists and lawyers.
Following that report, Mexican victims of the surveillance filed a lawsuit in Israel against NSO last September. This year, The New York Times reported that the software had been sold to the UAE, where it helped the authorities track leaders of neighboring countries as well as a London newspaper editor.
In response to these reports, NSO said it “operated and operates solely in compliance with defense export laws and under the guidelines and close oversight of all elements of the defense establishment, including all matters relating to export policies and licenses.
“The information presented by Haaretz about the company and its products and their use is wrong, based on partial rumors and gossip. The presentation distorts reality.
“The company has an independent, external ethics committee such as no other company like it has. It includes experts in legal affairs and international relations. The committee examines every deal so that the use of the system will take place only according to permitted objectives of investigating and preventing terror and crime.
“The company’s products assist law enforcement agencies in protecting people around the world from terror attacks, drug cartels, child kidnappers for ransom, pedophiles, and other criminals and terrorists.
“In contrast to newspaper reports, the company does not sell its products or allow their use in many countries. Moreover, the company greatly limits the extent to which its customers use its products and is not involved in the operation of the systems by customers.”
A statement on W.’s behalf said: “This is a false and completely baseless complaint, leverage for an act of extortion by the complainants, knowing that there is no basis for their claims and that if they would turn to the relevant courts they would be immediately rejected.”

How the Saudis may have spied on Jamal Khashoggi
▻https://cpj.org/blog/2018/10/how-the-saudis-may-have-spied-on-jamal-khashoggi.php

Omar Abdulaziz, a 27-year-old Saudi Arabian dissident, can still remember the time Jamal Khashoggi, the storied Saudi journalist, unfollowed him on Twitter. It was in 2015, and Khashoggi had been tapped to head a new TV network called Al-Arab, a partnership between a member of the royal family and Bloomberg. Abdulaziz started haranguing Khashoggi online, demanding that the network provide a platform for genuine critics of the Saudi regime. “He got so mad at me,” Abdulaziz recalled in a (...)

#NSO #smartphone #spyware #écoutes #activisme #journalisme #surveillance #CitizenLab

https://cpj.org/blog/Saudi%20blog%20spying%20AFP.jpg

How a Canadian permanent resident and Saudi Arabian dissident was targeted with powerful spyware on Canadian soil
▻https://citizenlab.ca/2018/10/how-a-canadian-permanent-resident-and-saudi-arabian-dissident-was-targete

Following a Citizen Lab report that identified the presence of NSO’s Pegasus spyware technology in Quebec, researchers contacted Omar Abdulaziz, a Saudi Arabian dissident and Canadian permanent resident who has long been critical of the regime in Riyadh. After an extensive investigation, they discovered that his phone had been targeted with this powerful spyware and the operators of the technology were linked to Saudi Arabia’s government and security (...)

#NSO #smartphone #Pegasus #spyware #activisme #surveillance #écoutes