Phony WikiLeaks Tricks Activist Into Downloading Government-Grade Spyware

The Citizen's Guide to the Future
Oct. 10 2012 5:51 PM

Phony WikiLeaks Tricks Activist Into Downloading Government-Grade Spyware

91985688
A person checks a laptop in Dubai

Photo by KARIM SAHIB/AFP/Getty Images

Western companies that sell government-grade spyware say it’s designed to prevent and detect serious crime. But ever-mounting evidence suggests their advanced surveillance tools are being sold to authoritarian regimes where it’s being used for political purposes.

In August, I reported for Future Tense that citizen journalists in Morocco had been targeted by a sophisticated trojan. A team of award-winning reporters for the Mamfakinch.com website were duped into downloading what appeared to be a Microsoft Word document containing evidence of a scandal, but was actually spyware. Security researchers who studied the trojan believed that it was manufactured by an Italian company called Hacking Team, which offers governments and law enforcement agencies what it calls “'an offensive solution for cyber investigations.” Hacking Team’s technology is designed to secretly infect a computer and siphon data, such as by spying on Skype chats, logging keystrokes, and even taking webcam snapshots.

Advertisement

Now it has emerged that Mamfakinch does not appear to have been the only victim of the Hacking Team technology. A report today by Morgan Marquis-Boire, a Citizen Lab security researcher, has found that a prominent activist-blogger based in the United Arab Emirates has also been targeted with a spy trojan that has all the hallmarks of Hacking Team’s shadowy product. Ahmed Mansoor, who was imprisoned last year over charges of insulting the country’s vice president and threatening state security, received an email in July claiming to be from “Arabic WikiLeaks.” A fake .doc file contained in the email masked a trojan with some of the same elements as the version found in Morocco. (The trojan depends on a security flaw within Microsoft Office software, a kind of vulnerability often described by hackers as a “zero-day exploit.”) It was also linked, Citizen Lab found, to the hackingteam.it domain name. As of the time of publication, Hacking Team had not responded to my request for comment.

The consequences for Mansoor have been severe. Not long after he was targeted by the spyware, he was physically attacked. He told Bloomberg that although the spyware and the attack may not be directly related, “he suspects it is part of a broader pattern of surveillance” that has involved tracking him by his mobile phone.

The dossier of evidence linking Western companies to cases of dissident monitoring in the Middle East has been expanding rapidly in recent months. In July, a number of Bahraini activists were targeted with a Trojan tool purportedly designed by British spy tech company Gamma Group. This may have led in turn to the British government’s subsequent decision to restrict sales of Gamma’s “FinSpy” software, which is in line with an ongoing effort in the European Parliament to bring in stricter rules for spy gear sales. The nearest equivalent in the Unites States is the push by Republican Rep. Chris Smith for the adoption of the Global Online Freedom Act, designed to limit sales of surveillance and censorship technologies to countries where it may be abused.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

TODAY IN SLATE

Politics

Meet the New Bosses

How the Republicans would run the Senate.

The Government Is Giving Millions of Dollars in Electric-Car Subsidies to the Wrong Drivers

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Cheez-Its. Ritz. Triscuits.

Why all cracker names sound alike.

Friends Was the Last Purely Pleasurable Sitcom

The Eye

This Whimsical Driverless Car Imagines Transportation in 2059

Medical Examiner

Did America Get Fat by Drinking Diet Soda?  

A high-profile study points the finger at artificial sweeteners.

The Afghan Town With a Legitimately Good Tourism Pitch

A Futurama Writer on How the Vietnam War Shaped the Series

  News & Politics
Photography
Sept. 21 2014 11:34 PM People’s Climate March in Photos Hundreds of thousands of marchers took to the streets of NYC in the largest climate rally in history.
  Business
Business Insider
Sept. 20 2014 6:30 AM The Man Making Bill Gates Richer
  Life
Quora
Sept. 20 2014 7:27 AM How Do Plants Grow Aboard the International Space Station?
  Double X
The XX Factor
Sept. 19 2014 4:58 PM Steubenville Gets the Lifetime Treatment (And a Cheerleader Erupts Into Flames)
  Slate Plus
Tv Club
Sept. 21 2014 1:15 PM The Slate Doctor Who Podcast: Episode 5  A spoiler-filled discussion of "Time Heist."
  Arts
Television
Sept. 21 2014 9:00 PM Attractive People Being Funny While Doing Amusing and Sometimes Romantic Things Don’t dismiss it. Friends was a truly great show.
  Technology
Future Tense
Sept. 21 2014 11:38 PM “Welcome to the War of Tomorrow” How Futurama’s writers depicted asymmetrical warfare.
  Health & Science
Bad Astronomy
Sept. 22 2014 5:30 AM MAVEN Arrives at Mars
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.