Middle East has become a blooming spyware market used for targeting journalist
A few days back Al Jazeera news anchor was hacked and now personal phone of a journalist at London-based Al Araby TV “Rania Dridi” was hacked.
Dridi was one of two London-based reporters and 36 journalists at Al Jazeera television network in Qatar who were probably targeted by the Saudi and Emirati governments using spyware deployed through an opening in iMessage. Based on logs from compromised phones, it was believed that NSO Group customers also successfully deployed KISMET or a related zero-click, zero-day exploit between October and December 2019.
Saudi Arabia and the UAE have been locked in a geopolitical conflict with Qatar, owner of the Al Jazeera television network, which critics say promotes Qatari interests. Dridi’s channel, Al Araby TV, is owned by a Qatari businessman. She said she suspected she was targeted because of her work and close friendship with a TV presenter also critical of Saudi and Emirati policies.
The hostility amongst the blocs in the region has lead to an increase in such offensive cyber operations. It is likely that Qatar will not sit back but would soon retaliate. Earlier also, Qatar has launched offensive cyber operations with the help of Global Risk Advisors (GRA), US-based consulting firm for extracting information on Broidy’s personal email account and signing a bilateral agreement with Turkey in a technological sphere.
Going by the report, in this case, the phones were compromised using an exploit chain that we call KISMET, which appears to involve invisible zero-click exploits in iMessage. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 and could hack Apple’s then-latest iPhone 11.
According to the citizenlab “The journalists were hacked by four Pegasus operators, including one operator MONARCHY that they attribute to Saudi Arabia, and one operator SNEAKY KESTREL that they attribute to the United Arab Emirates”
Earlier also it was reported that UAE used powerful surveillance tools linked with NSO group for targeting their journalists and dissidents. Human rights advocates and security experts have accused NSO Group of selling its products to human rights abusers and governments around the world.
“CitizenLab apparently does not seem to be aware of the existence of any company in the cyber intelligence field other than NSO, and while we are proud of being a global leading company, we wish to emphasize that not everything associated to us is, in reality, a use of our technology,” the statement said.
On Monday, Tech giants like Microsoft, Google joined legal battle with Facebook against NSO Group for its powerful and dangerous cyber surveillance tools they used for targeting people.
However, NSO comment that its tools were used to fight crime but human rights defenders and technologists at places such as Toronto-based Citizen Lab and London-based Amnesty International have documented cases in which NSO technology has been used to target reporters, lawyers, and even nutritionists lobbying for soda taxes.