{"id":59,"date":"2019-10-25T23:13:02","date_gmt":"2019-10-25T22:13:02","guid":{"rendered":"http:\/\/privatemail.com\/blog\/?p=59"},"modified":"2019-10-25T23:13:02","modified_gmt":"2019-10-25T22:13:02","slug":"activists-phones-targeted-by-advanced-malware","status":"publish","type":"post","link":"https:\/\/privatemail.com\/blog\/activists-phones-targeted-by-advanced-malware\/","title":{"rendered":"Activists&#8217; Phones Targeted by Advanced Malware"},"content":{"rendered":"\n<p>Not everyone is fortunate enough to live in a free country.\nMany people still live in surveillance states, where the government wants to\nensure that the people never have their opposing voices heard. Some countries\ncensor the internet and block major social media networks. Other countries send\nmalware, or spyware, to people they want to keep a closer eye on. According to\nAmnesty International, this is exactly what happened in Morocco. <\/p>\n\n\n\n<p><strong>What\nHappened?<\/strong><\/p>\n\n\n\n<p>Two human rights activists in Morocco were sent suspicious\ntext messages containing links. When the links were clicked, Pegasus, a spyware\nprogram created by the Israeli company NSO, attempted to install itself. The targets of the\nattempted spyware attack were prominent Moroccan human rights lawyer Abdessadak\nEl Bouchattaoui and outspoken activist Ma\u00e2ti Monjib.<\/p>\n\n\n\n<p>Monjib noticed that his iPhone would redirect to spammy,\nmalicious-looking websites every time he attempted to access the French\nversion of Yahoo. Any attempt to connect to a website without an encrypted\n\u201cHTTPS\u201d connection would cause the device to behave abnormally. When he tried\nto read the news or check his mail, his Safari log showed that redirects\nwere attempting to shove him in another direction. 
Monjib was able to work\naround these redirects by searching Google for the sites he wanted to visit and\ntapping the top results.<\/p>\n\n\n\n<p><strong>What The\nMalware Does<\/strong><\/p>\n\n\n\n<p>Pegasus is one of the most comprehensive and powerful\nspyware programs known to exist. Hundreds of people have been targeted by\nsuccessful or attempted forced Pegasus installations, mostly for political\nreasons. Pegasus works as a man-in-the-middle (MitM) attack. The hacker (or\nprogram) gains control of the device\u2019s network and\/or traffic, attempting to\nmodify it to a malicious end. The\nspyware often targets vulnerabilities in apps popular among both iOS and\nAndroid users, such as WhatsApp for messaging.<\/p>\n\n\n\n<p>Amnesty International\u2019s investigation found that at least\none injection attempt on Monjib\u2019s phone was successful, compromising his\ndevice. A review of the iPhone\u2019s logs showed behavior consistent with Pegasus\ntampering. <\/p>\n\n\n\n<p>NSO insists that their products are not intended to be used\nfor these purposes, and notes that they have rescinded customer access to the\nproducts based on hacking or device tampering allegations. It\u2019s worth noting\nthat there does not seem to be a reason for NSO\u2019s spyware products\nto exist other than malicious purposes. <\/p>\n\n\n\n<p>In response to the allegations and Amnesty International\u2019s\nfindings, NSO has released the following statement:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p><em>\u201cAs per our policy, we investigate reports of alleged misuse of our products. If an investigation identifies actual or potential adverse impacts on human rights, we are proactive and quick to take the appropriate action to address them. 
This may include suspending or immediately terminating a customer&#8217;s use of the product, as we have done in the past.<\/em><\/p><\/blockquote>\n\n\n\n<blockquote class=\"wp-block-quote\"><p><em>While there are significant legal and contractual constraints concerning our ability to comment on whether a particular government agency has licensed our products, we are taking these allegations seriously and will investigate this matter in keeping with our policy. Our products are developed to help the intelligence and law enforcement community save lives. They are not tools to surveil dissidents or human rights activists. That&#8217;s why contracts with all of our customers enable the use of our products solely for the legitimate purposes of preventing and investigating crime and terrorism. If we ever discover that our products were misused in breach of such a contract, we will take appropriate action.\u201d<\/em><\/p><\/blockquote>\n\n\n\n<p><strong>Keeping\nDevices Secure <\/strong><\/p>\n\n\n\n<p>Absolutely never open links or attachments from unknown senders. Switching to end-to-end encrypted platforms for communication and storage, such as Private Mail, can drastically reduce the chances that the attachments or links you receive will be compromised or unsafe. Exclusively browsing the internet through a stealth <a href=\"https:\/\/torguard.net\">VPN<\/a> will keep your activity encrypted, secure, and undetectable. Use and frequently update antivirus and antimalware software on every device as a failsafe. Anyone can be targeted by malware \u2013 it\u2019s up to you to make security-focused decisions to protect yourself. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Not everyone is fortunate enough to live in a free country. Many people still live in surveillance states, where the government wants to ensure that the people never have their opposing voices heard. Some countries censor the internet and block major social media networks. 
Other countries send malware, or spyware, to people they want to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":60,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[2],"tags":[21,22],"_links":{"self":[{"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/posts\/59"}],"collection":[{"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/comments?post=59"}],"version-history":[{"count":1,"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/posts\/59\/revisions"}],"predecessor-version":[{"id":61,"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/posts\/59\/revisions\/61"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/media\/60"}],"wp:attachment":[{"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/media?parent=59"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/categories?post=59"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/privatemail.com\/blog\/wp-json\/wp\/v2\/tags?post=59"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}