Journalists Spied Through a Spyware!
Citizen Lab has uncovered a campaign where dozens of journalists were spied on using the spyware kismet, an NSO Group product. The maker was accused of similar incidents earlier, where it supplied spyware to governments for spying on dissidents and journalists through WhatsApp.
— Citizen Lab (@citizenlab) December 20, 2020 And now, it’s reputedly being used by four operators, two originated from Saudi Arabia and two from UAE, to spy on at least 37 journalists. Out of the four operators found, two were said to have acted on their government’s behalf! The spyware deployed was able to access microphone audio, passwords, and remotely capturing photos. While it’s unknown how it’s distributed, it’s named a zero-click vector as it didn’t leave any digital traces in the device while spying. One victim named Rania Dridi from Al Araby said she might have been targeted for having links to a Saudi Arabian critic and her discussions on women’s rights. NSO Group said it was unfamiliar with the matter and will investigate the incident if “credible evidence of misuse” is observed. Also, it said that it doesn’t have any access to the target’s data and made its spyware strictly for use against criminals only. On the other hand, Apple said it couldn’t verify the Citizen Lab’s claims but acknowledged the attack as “highly targeted” and recommended users to upgrade to the latest software version. Operators have reportedly exploited a vulnerability in iMessage, which is existing for over a year.