Israel busts alleged Iranian spy ring made up of middle-aged women

January 14, 2022 by Leave a comment

Shin BetAUTHORITIES IN ISRAEL CLAIM they busted a ring of spies for Iran, which was composed solely of middle-aged Jewish women. The Israel Security Agency, known as Shin Bet, said on Thursday that it had arrested four Jewish women, all of them Iranian-born Israeli citizens. The four women were charged with espionage against the state of Israel. The Shin Bet described the case as “serious” and as part of a broader plan by Iran to build a sophisticated espionage network inside the Jewish state.

According to news reports, the women were recruited via the Facebook social networking platform by a user using the name Rambod Namdar. Namdar claimed to be a Jewish man living in Iran. After recruiting the women, Namdar operated as their handler, and provided them with regular payments in exchange for taking photographs of sensitive military sites and civilian government buildings. According to the Shin Bet, these included the buildings of the Ministry of Interior and the Ministry of Welfare and Social Affairs. The women were allegedly also asked to take photographs of the embassy of the United States, as well as commercial facilities, including shopping malls.

At least two of the women were asked to befriend Israeli politicians and government officials, according to the Shin Bet. The agency also claims that the women were asked to convince their sons to serve their mandatory military service by joining military intelligence units. In one case, according to the indictment, the son of one of the women did serve in an intelligence post in the Israeli military, which allowed his mother to pass a number of military documents to her Iranian handler.

Reports in the Israeli media and the BBC mention that Namdar communicated with the four women “for several years” using the encrypted messaging service WhatsApp. WhatsApp is owned by Meta, the same company that owns Facebook and Instagram.

Author: Joseph Fitsanakis | Date: 14 January 2022 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , , , ,

Israel Security Agency uses Facebook to reach out to young Palestinians – report

December 7, 2021 by Leave a comment

Israeli West Bank barrier

AN ARTICLE PUBLISHED LAST month in one of Israel’s leading newspapers, Haaretz, shed light on how the Israel Security Agency (ISA) is using Facebook to combat militant groups in the Palestinian occupied territories, namely the West Bank and the Gaza Strip. According to the article’s author, Amira Hess, the ISA operates about 35 Arabic-language profile pages on Facebook, which are accessible in the various Palestinian areas under Israeli occupation.

ISA case officers (agent handlers) with Arabic monikers are in charge of various regions. For example, the officer in charge of the Hebron area is known as “Captain Eid”, the officer in charge of the Al-Amari refugee camp is known as “Captain Zaker”, and so on. Every Facebook profile page has a telephone number for users to send messages using WhatsApp. In addition, a general Facebook page of the ISA was opened under the heading in Arabic, “Badna Naish” (“Want to Live” in Arabic).

The transition to using Facebook pages is in the spirit of the times, and reflects the fact that many younger Palestinians receive their daily news through social networks, and not through traditional media, such as radio or television. The purpose of the ISA’s open-referral method using Facebook is to talk to the Palestinian population directly, and especially to the younger generation, who is very active on social networks. This also allows social media users to pass on security information to thwart terrorist attacks without disclosing their identity. The Facebook pages also serve the ISA as a tool for recruiting Palestinians who are willing to help Israel.

Additionally, the ISA uses Facebook’s pages to warn Palestinians who plan terrorist acts before they go into action. Here are some examples of the use of Facebook’s pages: In March of this year, an ISA case officer using the moniker “Captain Eid” wrote on his Facebook page covering the Hebron area that he called several masked men who fired shots in the air while welcoming the released terrorist Mahmoud Hushia, and warned them that their identities were known. “In their deeds, they will be punished. Please stay away from unnecessary problems”, wrote Captain Eid. Read more of this post

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , ,

Iranian hackers used Gmail, Facebook, to spy on US aerospace contractor

August 3, 2021 by Leave a comment

Computer hacking

A GROUP OF HACKERS, who are known to operate under the direction of the Iranian government, used fictitious Gmail and Facebook accounts to compromise employees of a United States defense contractor. A report issued on Monday by the California-based cybersecurity company Proofpoint identified the hackers behind the espionage campaign as members of a group codenamed Threat Actor 456 (TA456).

Known also as Imperial Kitten and Tortoiseshell, TA456 has a history of pursuing espionage targets at the direction of the Iranian government. According to Proofpoint, TA456 is among “the most determined” Iranian-aligned threat actors. The cybersecurity firm adds that the espionage activities of TA456 often target Western “defense industrial base contractors” that are known to specialize in the Middle East.

The most recent operation by TA456 involved a fictitious online personality that went by the name “Marcella Flores”, also known as “Marcy Flores”, who claimed to live in the British city of Liverpool. The group used a Gmail account and fake Facebook profile to reinforce the fictitious profile’s credibility, and to approach employees of United States defense contractors. One such employee began corresponding with Flores on Facebook toward the end of 2019.

In June 2021, after having cultivated the relationship with the defense employee for over a year, Flores sent the employee a link to a video file, purportedly of herself. The file contained a malware, known as LEMPO, which is designed to search targeted computers and provide the hacker party with copies of files found on penetrated systems.

Facebook is apparently aware of the espionage campaign by TA456. Last month, the social media company said it had taken action “against a group of hackers in Iran [in order] to disrupt their ability to use their infrastructure to abuse [Facebook’s] platform, distribute malware and conduct espionage operations across the internet, targeting primarily the United States”.

Author: Joseph Fitsanakis | Date: 03 August 2021 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , , ,

Chinese hackers used Facebook to target Uighur activists with malware

March 25, 2021 by 4 Comments

Facebook

CHINESE HACKERS USED FAKE Facebook accounts to target individual activists in the expatriate Uighur community and infect their personal communications devices with malware, according to Facebook. The social media company said on Wednesday that the coordinated operation targeted approximately 500 Uighur activists living in the United States, Canada, Australia, Syria, Turkey and Kazakhstan.

At least 12 million Uighurs, most of them Muslims, live in China’s Xinjiang region, which is among the most impoverished in the country. The Chinese state is currently engaged in a campaign to quell separatist tendencies among some Uighurs, while forcibly integrating the region’s population into mainstream culture through a state-run program of forcible assimilation. It is believed that at least a million Uighurs are currently living in detention camps run by the Communist Party of China, ostensibly for “re-education”. Meanwhile, thousands of Uighur expatriates, most of whom live in Kazakhstan and Turkey, are engaged in a concerted campaign aimed at airing human-rights violations occurring in the Chinese detention camps throughout Xinjiang.

According to Facebook, Chinese hackers set up around 100 accounts of fake personas claiming to be journalists with an interest in reporting on human rights, or pro-Uighur activists. They then befriended actual Uighur activists on Facebook and directed them to fake websites that were designed to resemble popular Uighur news agencies and pro-activist websites. However, these websites were carriers of malware, which infected the personal communications devices of those who visited them. Some Facebook users were also directed to fake smartphone application stores, from where they downloaded Uighur-themed applications that contained malware.

Facebook said it was able to detect and disrupt the fake account network, which has now been neutralized. It also said it was able to block all fake domains associated with the hacker group, and notified users who were targeted by the hackers. It added that its security experts were not able to discern direct connections between the hackers an the Chinese state.

Author: Joseph Fitsanakis | Date: 25 March 2021 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , ,

WhatsApp sues Israeli firm for enabling spy attacks on 1,400 users worldwide

November 1, 2019 by 3 Comments

NSO GroupThe Facebook-owned company WhatsApp has filed a lawsuit against a leading Israeli technology firm, accusing it of enabling governments around the world to spy on 1,400 high-profile users, including politicians and diplomats. The Reuters news agency said it spoke to “people familiar” with the investigation into the spy scandal, which it says was launched “earlier this year”.

What is interesting about the case, says Reuters, is that a “significant” proportion of the hundreds of WhatsApp users who were targeted by governments worldwide are “high profile” officials. The victims reportedly serve in various government agencies, including the armed forces, of at least 20 countries on five continents. They allegedly include politicians, diplomats, military officers, academics, journalists, lawyers and human-rights activists in countries such as the United States, India, Mexico, Bahrain, the United Arab Emirates and Pakistan.

WhatsApp alleges that the spy activities against these individuals were enabled by NSO Group, an Israeli software development company that specializes in surveillance technologies. The Facebook-owned company alleges that NSO Group specifically developed a hacking platform that allows its users to exploit flaws in WhatsApp’s servers in order to gain access to the telephone devices of targeted individuals. At least 1,400 of WhatsApp’s users had their telephones compromised between April 29 and May 10, 2019, says WhatsApp.

NSO Group, whose clientele consists exclusively of government agencies worldwide, denies any wrongdoing. The company claims that its products are designed to “help governments catch terrorists and criminals”, says Reuters. But WhatsApp and Citizen Lab, a research initiative based at the University of Toronto, which worked with WhatsApp on the NGO Group case, claim that at least 100 of the 1,400 victims were news journalists, political activists and the lawyers who defend them. There was no overlap between ongoing criminal or terrorism investigations and those targeted by NSO Group’s software, they claim.

The names on the list of espionage victims are not known. But Reuters said that, depending on how high-profile the victims are, the WhatsApp-NSO Group spy scandal could have worldwide political and diplomatic consequences.

Author: Joseph Fitsanakis | Date: 01 November 2019 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , ,

Facebook shuts down suspected state effort to prop up Sudanese military regime

September 11, 2019 by Leave a comment

Sudan civil unrestFacebook has shut down a well-funded online campaign to support Sudan’s military regime, which some say is part of wider efforts by Egypt, the United Arab Emirates and Saudi Arabia to stop democratic reforms in Sudan. The northeast African country has experienced civil unrest for more than a year. In February Sudan’s longtime strongman, Omar Hassan al-Bashir, fell from power after 30 years, following prolonged popular protests. But the new military junta that succeeded him launched a violent campaign of suppression against the country’s pro-democracy movement. The junta’s leaders have relied heavily on ample support provided by three close American allies, namely Egypt, Saudi Arabia and the United Arab Emirates. Meanwhile, the student-led pro-democracy movement has taken to the Internet to mobilize the Sudanese population. The regime has at times shut down the Internet in an attempt to stop pro-democracy organizers from spreading their message online.

Now it has emerged that Facebook detected and terminated a systematic misinformation campaign to promote the views of the Sudanese regime while also slamming the pro-democracy movement as reckless and irresponsible. The campaign was reportedly carried out by two self-described “digital marketing” companies: New Waves, headquartered in Egypt, and Newave, which is based in the Emirates. According to Facebook, the two companies worked in parallel to establish hundreds of fake accounts on social media platforms such as Facebook and Instagram. They also spent nearly $170,000 to promote material that was posted online by an army of paid users. The latter were allegedly paid $180 a month to post disinformation and other forms of carefully directed propaganda on social media. A total of 13.7 million Facebook and Instagram users were reached in the course of the disinformation campaign, according to Facebook. Twitter and Telegram were also employed by the two companies to post messages in favor of the Sudanese military. Other messages extoled the Libyan warlord Khalifa Haftar, as well as Muse Bihi Abdi, president of the self-declared state of Somaliland. Egypt, Saudi Arabia and the Emirates are staunch supporters of both Haftar and Abdi.

Facebook said it had been unable to collect evidence of a direct link between the New Waves/Newave disinformation campaign and the governments of Egypt, Saudi Arabia and the United Arab Emirates. But it added that the features of the campaign bore the hallmarks of a state-run operation. The New York Times, which reported on the story last week, said the Emirati company, Newave, did not respond to several requests for a comment. Amr Hussein, an Egyptian former military officer who owns the Cairo-based New Wave, issued a public statement calling Facebook “liars” and denying he had any links to the Emirates.

Author: Joseph Fitsanakis | Date: 11 September 2019 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , ,

Czech spy agency says it neutralized Hezbollah cyberespionage network

October 17, 2018 by Leave a comment

Czech Security Information ServiceOfficials in the Czech Republic have announced that the country’s spy agency headed an operation in several countries, aimed at neutralizing a cyberespionage network operated by the Lebanese militant group Hezbollah. Early last week, the Security Information Service (BIS), the primary domestic national intelligence agency of the Czech Republic, issued a short statement saying that it “played a big part in helping to identify and disconnect Hezbollah servers in the Czech Republic, other EU member states and the US”. But it did not elaborate. On Tuesday, however, ZDNet’s Zero Day security blog published more information from the Czechs about the BIS operation.

According to the BIS, its cyber security force discovered a number of servers located on Czech soil, which were “almost certainly” used by Hezbollah, the Shiite militant group that controls large swathes of territory in Lebanon. The servers were allegedly used in a wide-range cyberespionage operation that began in 2017 by a group of Hezbollah hackers based in Lebanon. It was there, said the BIS, where the command-and-control facilities of the operation were located. The servers located on Czech soil were used to download phone apps that contained malicious software. The hackers targeted individual phone users located mainly in the Middle East, according to the BIS, but other targets were in eastern and central Europe. It is believed that the majority of targets were Israeli citizens. Invariably, targeted individuals were approached online, mostly through fake Facebook profiles. Most of the targets were men, and the fake Facebook profiles featured pictures of attractive young women. After initial messages were exchanged via Facebook, the targets were convinced to download phone applications that would allow them to continue communicating with the ‘women’. These applications would install spyware on their phones, thus allowing Hezbollah hackers to capture the content of messages and calls made on the phones. The latter could also be used as eavesdropping devices.

According to BIS Director Michal Koudelka, the spy agency “played a significant role in identifying and uncovering the hackers’ system. We identified the victims and traced the attack to its source facilities. Hacker servers have been shut down”, he said. Koudelka added that some of the servers used by Hezbollah were located in other European Union countries and in the United States. These were shut down following a joint cyber operation by BIS and “partners”, said Koudelka, though he did not identify them.

Author: Joseph Fitsanakis | Date: 17 October 2018 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , ,

Facebook says efforts to subvert upcoming US elections resemble ‘new arms race’

August 1, 2018 by Leave a comment

FacebookFacebook has said it is involved in an “arms race” against “bad actors” as it announced on Tuesday the removal of accounts that allegedly tried to subvert the upcoming mid-term elections in the United States. The social-media giant said its security division had identified 32 profiles and pages that were set up for the sole purpose of disrupting, subverting or otherwise influencing the American political process. At least seven more accounts were shut down on the Instagram platform –which is also owned by Facebook– for the same reasons. In the past 14 months, the suspect accounts generated nearly 10,000 posts and were liked or followed by over 290,000 users, said Facebook.

In addition to producing memes that aimed to stir existing racial, political and religious tensions in American society, the suspect accounts are also believed to have generated approximately 150 paid advertisements, spending around $11,000 for that purpose. Moreover, close to 30 public events were organized, advertised and hosted by the suspect pages throughout the US in the past 14 months. One such event was subscribed to by 4,700 users, with another 1,400 users stating that they would attend.

In a preliminary report posted on its online newsroom, Facebook said it was too early in the investigation to identify the party or parties behind the alleged effort to influence the US mid-term elections. Its security team had detected “one instance” of a connection between this latest operation and the Russian-based Internet Research Agency (IRA), which Facebook identified as being one of the main sources behind efforts to influence the 2016 US presidential elections. But the report cautioned that the instigators of this latest attempt to influence the US political process had gone to great pains to hide their identities, affiliations and geographical coordinates. For instance, they routinely employed virtual private networks in order to disguise their internet protocol addresses. They also used third parties to purchase advertisements on Facebook and Instagram. These and many other tactics severely limited the ability of security technicians to attribute these efforts to specific countries, governments or companies, said Facebook.

Using unusually strong language to describe its ongoing probe, Facebook said that the exploitation of its platform for sinister political purposes resembled “an arms race” and that constantly changing tactics were needed to combat it. In addition to removing the suspect accounts, Facebook said it was working closer with law enforcement and leading online security firms in order to analyze and eliminate threats from what it described as “bad actors”. It added that it was “investing heavily” in more people and better technology in order to eliminate those who were trying to weaponize its communication platform for sinister goals.

Author: Joseph Fitsanakis | Date: 01 August 2018 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , ,

Facebook shared user data with Chinese firm despite warnings by US intelligence

June 6, 2018 by Leave a comment

HuaweiThe online social media company Facebook shares data about its users with a Chinese telecommunications company that has been flagged in United States government reports as a threat to security. The New York Times revealed on Tuesday that Facebook has been routinely giving access to the private data of its users to four Chinese companies since at least 2010. The paper said that the data-sharing agreement with Lenovo, Oppo, TCL, and Huawei Technologies, has its roots in 2007. That was the year when Facebook began an effort to entice cell phone hardware and software manufacturers to include Facebook-friendly apps and features in their products. As part of the agreement, Facebook gave cell phone manufacturers access to its users’ private data, including “religious and political leanings, work and education history and relationship status”, said the Times.

However, several sources in the United States, United Kingdom, Australia and other governments, have repeatedly flagged Huawei as a company that is uncomfortably close to the Chinese government and its intelligence agencies. In 2011, the US Open Source Center, which acts as the open-source intelligence arm of the Office of the Director of National Intelligence, became the first US government agency to openly link Huawei with the Chinese intelligence establishment. It said that Huawei relied on a series of formal and informal contacts with the Chinese People’s Liberation Army and the Ministry of State Security, which oversee and administer China’s military and civilian intelligence apparatus. In 2013, the British government launched an official review of Huawei’s involvement in the UK Cyber Security Evaluations Centre in Oxfordshire, England, following a British Parliament report that raised strong concerns about the Chinese company’s links with the government in Beijing. And last year the Australian government expressed concern about Huawei’s plan to provide high-speed Internet to the Solomon Islands, a small Pacific island nation with which Australia shares Internet resources.

In a statement, Facebook said that all data shared with Huawei remained stored on users’ phones and was not downloaded on the Chinese’ company’s private servers. It also said that it would “phase out” the data-sharing agreement with Huawei by the middle of June. The Times noted on Tuesday that Facebook has been officially banned in China since 2009. However, the social media company has been trying to make a comeback in the Chinese market, by cultivating close links with Chinese Communist Party officials. Facebook founder Mark Zuckerberg visited China in October of last year, and met with Chinese Premier Xi Jinping and other senior officials.

Author: Joseph Fitsanakis | Date: 06 June 2018 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , ,

India arrests commando instructor who fell for Pakistani honey trap on Facebook

February 9, 2018 by 4 Comments

Garud Commando ForceIndian authorities have arrested an Indian Air Force officer for allegedly giving classified documents to two Pakistani spies on Facebook, who posed as women interested in him. The officer has been named as Arun Marwaha, a wing commander stationed at the Indian Air Force headquarters in Delhi. Marwaha, 51, is a para-jumping instructor who trains members of India’s Garud Commando Force —the Special Forces unit of the Indian Air Force. He was reportedly due to retire in 2019.

According to Indian government investigators, several months ago Marwaha was befriended by two Facebook users who claimed to be Indian women. He began chatting regularly with them on Facebook and eventually on the popular cell phone messenger service WhatsApp. Within weeks, Marwaha’s WhatsApp exchanges with the women had become intimate in nature. Before long, the Indian Air Force instructor was providing the women with classified documents in return for intimate photos of themselves. Media reports state that the classified documents related to special operations, some involving cyberwarfare, and space reconnaissance. Government investigators claim that Marwaha’s Facebook contacts were in fact male officers of Pakistan’s Inter-Services Intelligence (ISI), who targeted Marwaha in a carefully planned honey trap operation.

According to reports, the breach caused by Marwaha was discovered last month, at which time the internal security branch of the Indian Air Force launched an investigation. Marwaha was questioned for over a week before turning over his case to Delhi Police, who arrested him on Thursday. He has reportedly been charged under India’s Official Secrets Act and is facing a jail sentence of up to 14 years. Meanwhile, the Indian Air Force is investigating whether other officers have fallen victims to similar honey trap operations by Pakistan’s ISI on Facebook.

Author: Ian Allen | Date: 09 January 2018 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , ,

Israeli military says Hamas lured its soldiers using online profiles of women

January 12, 2017 by Leave a comment

Cellular telephoneThe Israel Defense Forces told a press conference on Wednesday that hackers belonging to the Palestinian militant group Hamas lured Israeli soldiers by posing as young women online. Wednesday’s press conference was led by an IDF spokesman who requested to remain anonymous, as is often the case with the Israeli military. He told reporters that the hackers used carefully crafted online profiles of real Israeli women, whose personal details and photographs were expropriated from their publicly available social media profiles. The hackers then made contact with members of the IDF and struck conversations with them that in many cases became intimate over time. At various times in the process, the hackers would send the Israeli soldiers photographs of the women, which were copied from the women’s online public profiles.

The anonymous IDF spokesman said that, if the soldiers continued to show interest, they were eventually asked by the hackers posing as women to download an application on their mobile telephones that would allow them to converse using video. Once the soldiers downloaded the application, the ‘women’ would find excuses to delay using the application, or the relationships would abruptly end. But the soldiers would leave the application on their telephones. It would then be used by the Hamas hackers to take control of the camera and microphones on the soldiers’ mobile devices. According to the IDF spokesman, dozens of Israeli soldiers were lured by the Hamas scam. No precise number was given.

Media reports suggest that the Hamas hackers were primarily interested in finding out information about IDF maneuvers around the Gaza Strip, the narrow plot of densely inhabited territory that is controlled by the Palestinian militant group. They were also interested in collecting information about the size and weaponry of the Israeli forces around Gaza. Media representatives were told on Wednesday that the operation “had potential for great damage”. But the IDF claims that the harm to its operations was “minimal”, because it primarily targeted low-ranking soldiers. Consequently, according to the Israeli military, the hackers were not able to acquire highly sensitive information.

In 2009, dozens of members of Sweden’s armed forces serving with NATO’s International Security Assistance Force in Afghanistan were found to have been approached via Facebook, and asked to provide details on NATO’s military presence in the country. The Afghan Taliban are believed to have carried out the operation.

Hamas has not commented on the allegations by the IDF.

Author: Joseph Fitsanakis | Date: 12 January 2017 | Permalink

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , , ,

Belgian intelligence employees ‘outed themselves’ on LinkedIn

November 28, 2012 by 6 Comments

LinkedIn logoBy JOSEPH FITSANAKIS | intelNews.org |
Several alleged employees of Belgian security and intelligence agencies have revealed their identities on social networking sites, it has been reported. Belgian newspaper De Standaard, which made the revelation in a leading article on Tuesday, said that many LinkedIn and Facebook users appear to list their employer as Belgium’s State Security Agency (Sûreté de l’État or SE/SV) or the Coordinating Body for Threat Analysis (OCAM/OCAD). The SE is Belgium’s foremost civilian intelligence agency, operating under the country’s Ministry of Justice. OCAM is one of Belgium’s several anti-terrorist intelligence collection and analysis agencies, which operates under the joint supervision of the Justice and Interior Ministries. De Standaard contacted the two agencies, which refused to comment on whether the social networking profiles are authentic. But the paper spoke with an unnamed Belgian senior intelligence official, who said that this was potentially a very serious issue for Belgian national security. “Russian and Chinese intelligence services employ thousands of people”, said the official, “and have the resources and time to manually search for such profiles and then exploit the information they provide. Our people could, by their very presence on such sites, become the target of hostilities”. De Standaard also spoke to Belgian Senator Dirk Claes, who is a member of the country’s Parliamentary Committee on Intelligence. He told the paper that his colleagues in the Committee would be up in arms if the profiles turned out to be authentic. “These individuals have security clearances and are obligated to stay in the background, as much as possible. I will be raising this issue in the [Intelligence] Committee”, Claes told De Standaard. Read more of this post

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , ,

Did US spies hack French government computers using Facebook?

November 22, 2012 by 6 Comments

The Palais de l'ÉlyséeBy JOSEPH FITSANAKIS | intelNews.org |
A sophisticated computer virus discovered at the center of the French government’s secure computer network was planted there by the United States, according to unnamed sources inside France’s intelligence community. Paris-based magazine L’Express, France’s version of Time magazine, says in its current issue that the alleged American cyberattack took place shortly before last April’s Presidential elections in France. It resulted in the infection of the entire computer system in the Palais de l’Élysée, which is the official residence of the President of France. The French magazine cites unnamed sources inside the French Network and Information Security Agency (ANSSI), which is responsible for cybersecurity throughout France. The sources claim that the snooping virus allowed its handlers to gain access to the computers of most senior French Presidential aides and advisers during the final weeks of the administration of French President Nicolas Sarkozy, including his Chief of Staff, Xavier Musca. The article claims that the virus used a source code nearly identical to that of Flame, a super-sophisticated version of Stuxnet, the virus unleashed a few years ago against the computer infrastructure of the Iranian nuclear energy program. Many cybersecurity analysts believe that the US and Israel were instrumental in designing both Stuxnet and Flame. IntelNews understands that the alleged virus was initially directed at employees of the Palais de l’Élysée through Facebook. The targets were allegedly befriended by fake Facebook profile accounts handled by the team that operated the virus. The targets were then sent phishing emails that contained links to phony copies of the login page for the Palais de l’Élysée intranet website. Read more of this post

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , , , , , ,

News you may have missed #791

September 12, 2012 by Leave a comment

Liang GuanglieBy IAN ALLEN | intelNews.org |
►►India sees espionage behind Chinese cash payments to Indian pilots. According to Indian government sources, Chinese Defense Minister General Liang Guanglie gave two envelopes to the two Indian pilots, both wing commanders, who had flown him in a special Indian Air Force aircraft to New Delhi from Mumbai. After seeing off Liang, the pilots opened the sealed envelopes and found cash gifts inside. They immediately reported this to their superiors, who, in turn, informed the Indian Defense Ministry. India is now planning to lodge a protest with China over the incident.
►►NSA says foreign cyberattacks increasingly reckless. Debora Plunkett, of the secretive National Security Agency, whose responsibilities include protecting US government computer networks, has said that other nations are increasingly employing cyberattacks without “any sense of restraint”, citing “reckless” behaviors that neither the United States nor the Soviet Union would have dared at the height of Cold War tensions. She also predicted that Congress would pass long-stalled cybersecurity legislation within the next year. One wonders whether the Stuxnet incident is included in such “reckless” cyberattacks?
►►Taliban ‘using Facebook to lure Australian soldiers’. According to a review of social media by the Australian federal government, Australian soldiers are being warned by their commanders that enemies are creating fake Facebook profiles to spy on them. The report says that Taliban insurgents in Afghanistan are posing as “attractive women” on Facebook to befriend coalition soldiers and gather intelligence about operations. It adds that family and friends of soldiers are inadvertently jeopardizing missions by sharing confidential information online. This is not the first such warning in recent years.

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , , , , , , , , , , ,

News you may have missed #714

April 17, 2012 by Leave a comment

Tjostolv Moland and Joshua FrenchBy IAN ALLEN | intelNews.org |
►►British PM urged to intervene in Congo spy case. The mother of Joshua French, who has dual British and Norwegian nationality, and is facing execution in the Democratic Republic of Congo, has urged British Prime Minister David Cameron to ask Congolese authorities to pardon him. French, and his Norwegian friend Tjostolv Moland, were sentenced to death for murder and spying in the vast central African country in 2009. A prison official claimed in August last year that the pair had tried to escape, but their lawyer denies this.
►►Computers of Syrian activists infected with Trojan. Since the beginning of the year, pro-Syrian-government hackers have steadily escalated the frequency and sophistication of their attacks on Syrian opposition activists. Many of these attacks are carried out through Trojans, which covertly install spying software onto infected computers, as well as phishing attacks which steal YouTube and Facebook login credentials. According to the Electronic Frontier Foundation, the latest surveillance malware comes in the form of an extracting file which is made to look like a PDF if users have their file extensions turned off. The PDF purports to be a document concerning the formation of the leadership council of the Syrian revolution and is delivered via Skype message from a known friend.
►►Report claims Australian government spied on anti-coal activists. The leader of the Australian Greens, Bob Brown, says he is outraged at reports that the Australian Security Intelligence Organisation (ASIO) is spying on mining protesters, and says such action is a misuse of the spy agency’s resources. The revelations were reported in Australian newspapers yesterday, and are based on a Freedom of Information request to the Department of Resources, Energy and Tourism that was reportedly rejected because it involved “an intelligence agency document”. The ASIO says it cannot confirm whether it has conducted surveillance of anti-coal protesters, but it says it does not target particular groups or individuals unless there is a security-related reason to do so.

Filed under A specialized intelligence website written by experts, since 2008 Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Older posts

%d bloggers like this: