How the Iranian Government Hacks Dissidents
Citizen Lab has a new report on an Iranian government hacking program that targets dissidents. From a Washington Post op-ed by Ron Deibert:
Al-Ameer is a net savvy activist, and so when she received a legitimate looking email containing a PowerPoint attachment addressed to her and purporting to detail “Assad Crimes,” she could easily have opened it. Instead, she shared it with us at the Citizen Lab.
As we detail in a new report, the attachment led our researchers to uncover an elaborate cyberespionage campaign operating out of Iran. Among the malware was a malicious spyware, including a remote access tool called “Droidjack,” that allows attackers to silently control a mobile device. When Droidjack is installed, a remote user can turn on the microphone and camera, remove files, read encrypted messages, and send spoofed instant messages and emails. Had she opened it, she could have put herself, her friends, her family and her associates back in Syria in mortal danger.
Here’s the report. And a news article.
Who? • August 9, 2016 5:58 AM
I have a hard time understanding why activists whose on-line actions endanger them and their families continue using such insecure operating systems. It is basic OPSEC. Attack vectors have not changed in the last two decades. No need for elaborate plans, high-tech surveillance technologies and expensive hardware implants. Sending them an infected PowerPoint or Word document is enough.