[TheRecord] Report links Indian company to spyware that targeted Togolese activist

A new report from Amnesty International links an Indian cybersecurity firm called Innefu Labs to spyware used to target an unidentified “prominent human rights defender” in Togo. 

The Togolese activist was targeted with the spyware that previous reports have linked to the Donot Team in late 2019 and early 2020—a particularly contentious political period in the country, according to the report. The attackers tried to use both Android and Windows spyware to compromise the person’s devices, but were unsuccessful, the report said. 

Donot Team is the name used by researchers to identify threat actors first reported and linked to incidents in South Asia by Netscout research published in 2018. Amnesty International’s report says it has “observed additional evidence of Donot Team attacks against organizations and individuals across Asia, mostly concentrated in the north of India, Pakistan and Kashmir.”

Amnesty International doesn’t claim Innefu Labs was directly involved in targeting the activist, but rather that digital forensics uncovered links, including IP addresses, that connect the company to the tools used to target the person.

“The technical evidence suggests that Innefu Labs is involved in the development or deployment of some Donot Team spyware tools,” according to the report. 

Innefu Labs denied any connection to the attacks according to correspondence included in the report. “We firmly deny the existence of any link whatsoever between Innefu Labs and the spyware tools associated with the ‘Donot Team’ group and the attacks against a Human Rights Defender in Togo,” the company wrote in a message dated October 1.

Innefu Labs did not immediately respond to a request for comment. 

Amnesty International and other human rights groups have long criticized the rise of off-the-shelf surveillance tools that have been used by repressive regimes to target activists and journalists. 

“Across the world, cyber-mercenaries are unscrupulously cashing in on the unlawful surveillance of human rights defenders,” said Danna Ingleton, Deputy Director of Amnesty Tech said in a statement about the latest research.

The post Report links Indian company to spyware that targeted Togolese activist appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[TheRecord] Red Cross blames hack on Zoho vulnerability, suspects APT attack

After making headlines last month, additional details are emerging about the hack of the Red Cross organization and the possibility that the attack was carried out by a state-sponsored hacking group. In an update to its original breach disclosure, the Red Cross said today that while the breach was found and disclosed on January 18, the actual […]

Read More

[ThreatPost] Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers

All posts, ThreatPost

A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. Source: Read More (Threatpost)

Read More

[HackerNews] Researchers Warn of ‘Raspberry Robin’ Malware Spreading via External Drives

All posts, HackerNews

Cybersecurity researchers have discovered a new Windows malware with worm-like capabilities and is propagated by means of removable USB devices. Attributing the malware to a cluster named “Raspberry Robin,” Red Canary researchers noted that the worm “leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.” The earliest signs of the activity are […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.