[TheRecord] Report links Indian company to spyware that targeted Togolese activist

A new report from Amnesty International links an Indian cybersecurity firm called Innefu Labs to spyware used to target an unidentified “prominent human rights defender” in Togo. 

The Togolese activist was targeted with the spyware that previous reports have linked to the Donot Team in late 2019 and early 2020—a particularly contentious political period in the country, according to the report. The attackers tried to use both Android and Windows spyware to compromise the person’s devices, but were unsuccessful, the report said. 

Donot Team is the name used by researchers to identify threat actors first reported and linked to incidents in South Asia by Netscout research published in 2018. Amnesty International’s report says it has “observed additional evidence of Donot Team attacks against organizations and individuals across Asia, mostly concentrated in the north of India, Pakistan and Kashmir.”

Amnesty International doesn’t claim Innefu Labs was directly involved in targeting the activist, but rather that digital forensics uncovered links, including IP addresses, that connect the company to the tools used to target the person.

“The technical evidence suggests that Innefu Labs is involved in the development or deployment of some Donot Team spyware tools,” according to the report. 

Innefu Labs denied any connection to the attacks according to correspondence included in the report. “We firmly deny the existence of any link whatsoever between Innefu Labs and the spyware tools associated with the ‘Donot Team’ group and the attacks against a Human Rights Defender in Togo,” the company wrote in a message dated October 1.

Innefu Labs did not immediately respond to a request for comment. 

Amnesty International and other human rights groups have long criticized the rise of off-the-shelf surveillance tools that have been used by repressive regimes to target activists and journalists. 

“Across the world, cyber-mercenaries are unscrupulously cashing in on the unlawful surveillance of human rights defenders,” said Danna Ingleton, Deputy Director of Amnesty Tech said in a statement about the latest research.

The post Report links Indian company to spyware that targeted Togolese activist appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ThreatPost] TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

All posts, ThreatPost

The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever. Source: Read More (Threatpost)

Read More

Daily NCSC-FI news followup 2020-07-19

WSJ: Yhdysvaltalaistutkijat jäljittivät matkapuhelinten signaaleja lähellä venäläisiä sotilaskohteita yle.fi/uutiset/3-11455540 Kaupallisesti saatavilla olevaa paikannustietoa käytetään yhä enemmän myös valtiollisessa tiedustelussa. Amerikkalainen tutkijaryhmä Mississippin yliopistosta seurasi viime vuonna matkapuhelinten signaaleja lähellä Venäjän sotilasalueita, Wall Street Journal uutisoi. Lue myös: www.wsj.com/articles/academic-project-used-marketing-data-to-monitor-russian-military-sites-11595073601 iOS 13.6: Apple Just Gave iPhone Users 29 Security Reasons To Update Now www.forbes.com/sites/kateoflahertyuk/2020/07/19/ios-136-apple-just-gave-iphone-users-29-security-reasons-to-update-now/ Apple’s iOS 13.6 […]

Read More

[BleepingComputer] Windows MSHTML zero-day defenses bypassed as new info emerges

New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor’s ultimate goal of taking over corporate networks. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.