New Yorker: A Hacked Newsroom Brings a Spyware Maker to U.S. Court

New Yorker: A Hacked Newsroom Brings a Spyware Maker to U.S. Court. “[Roman] Gressier is one of at least thirty-five journalists and civil-society members hacked with Pegasus in El Salvador between July, 2020, and November, 2021, according to the analysis by Citizen Lab, which was verified by Amnesty International. The hacking campaign comprised at least two hundred and sixty Pegasus attacks.”

Politico: Egypt’s COP27 summit app is a cyber weapon, experts warn

Politico: Egypt’s COP27 summit app is a cyber weapon, experts warn. “Western security advisers are warning delegates at the COP27 climate summit not to download the host Egyptian government’s official smartphone app, amid fears it could be used to hack their private emails, texts and even voice conversations. Policymakers from Germany, France and Canada were among those who had downloaded the app by November 8, according to two separate Western security officials briefed on discussions within these delegations at the U.N. climate summit.”

Politico: Don’t download Qatar World Cup apps, EU data authorities warn

Politico: Don’t download Qatar World Cup apps, EU data authorities warn. “A message to football fans from Europe’s data protection chiefs: Qatar’s World Cup apps pose a massive privacy risk, so don’t download them. European data protection regulators have been lining up to warn about the risks posed by Qatar’s World Cup apps for visitors, with Germany’s data protection commissioner being the latest.”

The Guardian: British judge rules dissident can sue Saudi Arabia for Pegasus hacking

The Guardian: British judge rules dissident can sue Saudi Arabia for Pegasus hacking. “A British judge has ruled that a case against the kingdom of Saudi Arabia brought by a dissident satirist who was targeted with spyware can proceed, a decision that has been hailed as precedent-setting and one that could allow other hacking victims in Britain to sue foreign governments who order such attacks.”

Hooking Candiru: Another Mercenary Spyware Vendor Comes into Focus (Citizen Lab)

Citizen Lab: Hooking Candiru: Another Mercenary Spyware Vendor Comes into Focus. “Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts. Using Internet scanning we identified more than 750 websites linked to Candiru’s spyware infrastructure.”

New York Times: Defense Firm Said U.S. Spies Backed Its Bid for Pegasus Spyware Maker

New York Times: Defense Firm Said U.S. Spies Backed Its Bid for Pegasus Spyware Maker. “Spokesmen for L3Harris and NSO declined to comment about the negotiations between the companies. A spokeswoman for Avril Haines, the director of national intelligence, declined to comment on whether any American intelligence officials quietly blessed the discussions. A spokesman for the Commerce Department declined to give specifics about any discussions with L3 Harris about purchasing NSO.”

The Verge: Google says attackers worked with ISPs to deploy Hermit spyware on Android and iOS

The Verge: Google says attackers worked with ISPs to deploy Hermit spyware on Android and iOS. “A sophisticated spyware campaign is getting the help of internet service providers (ISPs) to trick users into downloading malicious apps, according to research published by Google’s Threat Analysis Group (TAG) (via TechCrunch). This corroborates earlier findings from security research group Lookout, which has linked the spyware, dubbed Hermit, to Italian spyware vendor RCS Labs.”

WIRED: Spyware Vendors Target Android With Zero-Day Exploits

WIRED: Spyware Vendors Target Android With Zero-Day Exploits. “NSO Group and its powerful Pegasus malware have dominated the debate over commercial spyware vendors who sell their hacking tools to governments, but researchers and tech companies are increasingly sounding the alarm about activity in the wider surveillance-for-hire industry. As part of this effort, Google’s Threat Analysis Group is publishing details on Thursday of three campaigns that used the popular Predator spyware, developed by the North Macedonian firm Cytrox, to target Android users.”

Google: A Spyware Company Exploited 5 Chrome, Android Zero-Days in 2021 (PC Magazine)

PC Magazine: Google: A Spyware Company Exploited 5 Chrome, Android Zero-Days in 2021. “One spyware company exploited at least five zero-day vulnerabilities—four in the Chrome browser and one in the Android operating system—throughout 2021, according to Google. The company’s Threat Analysis Group (TAG) says the spyware maker in question is a North Macedonian firm known as Cytrox.”

Spain: 2021 spyware attack targeted prime minister’s phone (Associated Press)

Associated Press: Spain: 2021 spyware attack targeted prime minister’s phone. “The cellphones of Spain’s prime minister and defense minister were infected last year with Pegasus spyware, which is available only to countries’ government agencies, authorities announced Monday. Prime Minister Pedro Sánchez’s mobile phone was breached twice in May 2021, and Defense Minister Margarita Robles’ device was targeted once the following month, Cabinet Minister Félix Bolaños said.”

The New Yorker: How Democracies Spy on Their Citizens

The New Yorker: How Democracies Spy on Their Citizens. “Commercial spyware has grown into an industry estimated to be worth twelve billion dollars. It is largely unregulated and increasingly controversial. In recent years, investigations by the Citizen Lab and Amnesty International have revealed the presence of Pegasus on the phones of politicians, activists, and dissidents under repressive regimes. An analysis by Forensic Architecture, a research group at the University of London, has linked Pegasus to three hundred acts of physical violence.”