• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • Contact Us

iHash

News and How to's

  • The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

    The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59
  • The Complete 2023 Business Accounting Mastery Bundle for $49

    The Complete 2023 Business Accounting Mastery Bundle for $49
  • Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125

    Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125
  • Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

    Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44
  • VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

    VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo

Oct 11, 2021 by iHash Leave a Comment

A prominent Togolese human rights defender has been targeted with spyware by a threat actor known for striking victims in South Asia, marking the hacking group’s first foray into digital surveillance in Africa.

Amnesty International tied the covert attack campaign to a collective tracked as “Donot Team” (aka APT-C-35), which has been linked to cyber offensives in India and Pakistan, while also identifying apparent evidence coupling the group’s infrastructure to an Indian company called Innefu Labs. The unnamed activist is believed to have targeted over a period of two months starting in December 2019 with the help of fake Android applications and spyware-loaded emails.

“The persistent attacks over WhatsApp and email tried to trick the victim into installing a malicious application that masqueraded as a secure chat application,” Amnesty International said in a report published last week. “The application was in fact a piece of custom Android spyware designed to extract some of the most sensitive and personal information stored on the activist’s phone.”

Automatic GitHub Backups

The messages originated from a WhatsApp account associated with an Indian phone number that’s registered in the state of Jammu and Kashmir. Once installed, the malicious software — which takes the form of an app named “ChatLite” — grants the adversary permissions to access the camera and microphone, gather photos and files stored on the device, and even grab WhatsApp messages as they are being sent and received.

But when the aforementioned attempt failed, the attackers switched to an alternate infection chain in which an email sent from a Gmail account contained a malware-laced Microsoft Word document that leveraged a now-patched remote code execution vulnerability (CVE-2017-0199) to drop a full-fledged Windows spying tool known as the YTY framework that grants complete access to the victim’s machine.

“The spyware can be used to steal files from the infected computer and any connected USB drives, record keystrokes, take regular screenshots of the computer, and download additional spyware components,” the researchers said.

Although Innefu Labs has not been directly implicated in the incident, Amnesty International said it discovered a domain (“server.authshieldserver.com”) that pointed to an IP address (122.160.158[.]3) used by the Delhi-based cybersecurity company. In a statement shared with the non-governmental organization, Innefu Labs denied any connection to the Donot Team APT, adding “they are not aware of any use of their IP address for the alleged activities.”

Enterprise Password Management

We have reached out to the company for further comment, and we will update the story if we hear back.

“The worrying trend of private companies actively performing unlawful digital surveillance increases the scope for abuse while reducing avenues for domestic legal redress, regulation, and judicial control,” Amnesty said. “The nature of cross-border commercial cyber surveillance where the surveillance targets, the operators, the end customer, and the attack infrastructure can all be located in different jurisdictions creates significant impediments to achieving remediation and redress for human rights abuses.”

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: Activist, computer security, cyber attacks, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, data breach, hacker news, hacking news, how to hack, Human, IndianMade, information security, Mobile, network security, ransomware malware, Rights, software vulnerability, spyware, Targeted, the hacker news, Togo

Special Offers

  • The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

    The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59
  • The Complete 2023 Business Accounting Mastery Bundle for $49

    The Complete 2023 Business Accounting Mastery Bundle for $49
  • Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125

    Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125
  • Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

    Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44
  • VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

    VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Dotan Horovits

Is Kubernetes Monitoring Flawed? | Logz.io

Feb 7, 2023 By iHash

New Survey Finds Consumers Give Chatbots a Failing Grade in Customer Experience

Feb 7, 2023 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber threats cyber updates data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management Secure security security breaches security vulnerabilities software vulnerability the hacker news Threat update video Vulnerabilities web applications

Latest

The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

“Where do we start?” This is the question every CISO asks about every new program. In fact, I ask and answer that question many times a month. There’s a reason for this, of course. A strong start to any project builds momentum, reassures stakeholders, and sets the stage for what’s to come. Security resilience initiatives […]

Cisco Secure at Cisco Live EMEA 2023

Cisco Secure at Cisco Live EMEA 2023

Cisco Live is the premier destination for Cisco customers and partners to gain knowledge and build community. Our teams work hard to deliver education and inspiration, ignite creativity, deliver practical know-how, and accelerate the connections that fuel your digital future. The Cisco Secure team is excited to share our expertise to help power the strategies […]

The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

Expires November 25, 2122 23:59 PST Buy now and get 97% off Adobe Acrobat Pro DC (Beginner) KEY FEATURES Workplace demand for digital media skills including creating, managing, and integrating PDF documents is on the rise. In this course, students will learn the basics of creating PDF documents and modifying PDFs within Adobe Acrobat DC […]

Implementing AI into Enterprise Search to Make It Smarter

AI has the potential to be a game-changer for businesses that are experiencing a digital transformation, provided that it is correctly applied. While the economy is still struggling to recover, the value of technology like Machine Learning (ML) and Natural Language Processing (NLP) is on the rise. These technologies assist businesses in initiating and accelerating […]

GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry

Feb 06, 2023Ravie LakshmananCyber Attack / Endpoint Security E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. […]

Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

Expires January 31, 2123 18:01 PST Buy now and get 61% off PRODUCT SPECS Batteries Required? Yes Power Source Battery Powered Item Dimensions LxWxH 4.1 x 0.97 x 0.58 inches Battery Life 25 Hours function logProductOverviewMetric(metric) { if(typeof window.csa !== ‘undefined’) { var myEvents = csa(“Events”, {producerId: “dppinfo”}); myEvents(“log”, { schemaId: “dppinfo.productOverviewClientSideEvents.1”, eventName: metric }, […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2023
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT