Wednesday, October 4, 2023
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Cybersecurity

Victim of Private Spyware Warns It Can be Used Against US

Researcher by Researcher
July 28, 2022
in Cybersecurity
0
High-Severity Flaw in Argo CD is Information Leak Risk
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


Months after her father was lured back to Rwanda under false pretenses and jailed, Carine Kanimba discovered her own phone had been hacked using private spyware.

Kanimba is the youngest daughter of Paul Rusesabagina, who is credited with saving more than 1,200 lives during the 1994 Rwandan genocide in a story that inspired the movie “Hotel Rwanda.” An opponent of Rwandan President Paul Kagame, Rusesabagina is now serving a 25-year prison sentence on charges that he has dismissed as politically motivated.

Related articles

Sentra Raises $30 Million for DSPM Technology

Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

August 13, 2023
Minimizing Risk Through Proactive Apple Device Management: Addigy

Minimizing Risk Through Proactive Apple Device Management: Addigy

August 12, 2023

Researchers have alleged Pegasus was used to spy on Kanimba and her cousin as Rusesabagina’s family was advocating for his release from Rwanda, which received $160 million in foreign aid from the United States in the last budget year.

“Unless there are consequences for countries and their enablers which abuse this technology, none of us are safe,” she told the House Intelligence Committee on Wednesday.

Kanimba and technology experts urged Congress to oppose the use of commercial spyware in the U.S. and discourage investment in spyware that has been used to hack the phones of dissidents, journalists, and even U.S. diplomats.

Pegasus infiltrates phones to control their camera and microphone and siphon off data without requiring the user to click on a malicious link. It is part of a burgeoning international market for states to acquire cyber tools that were once available only to the most technically advanced governments. Researchers at Google have identified at least 30 vendors selling “zero click” exploits or other spyware.

NSO Group says its software can’t be activated against phone numbers with a U.S. country code unless used by an American agency. But there are several documented reports of American officials and citizens having their data captured by Pegasus.

One committee member, Rep. Jim Himes, D-Conn., suggested that off-the-shelf spyware felt “like a very serious threat to our democracy and to democracies around the world.” Himes questioned whether spyware could be deployed from another country against American officials and he criticized companies that invest in it.

Among the investors in a private equity firm that held majority ownership of NSO Group were the Oregon state employee pension fund and the Alaska Permanent Fund Corporation.

U.S. officials and many lawmakers in both parties are concerned about foreign interference in future elections and the prospect of Americans trying to overturn a lawful vote by force.

“Nobody, not Mike Pence, not Nancy Pelosi, not Kevin McCarthy … are immune from having their most private deliberations watched,” Himes said. “And that may be just enough to interfere in our elections, just enough to end our democracy.”

U.S. law enforcement and intelligence agencies have long been in the market themselves for ways to hack into phones.

The Biden administration last year imposed export limits on NSO Group and three other firms. But the FBI has acknowledged buying a license for Pegasus for what it said was “product testing and evaluation only.” While spyware companies make huge profits in the Middle East and Europe, it is American business and investment that “legitimizes what they’re doing,” said John Scott-Railton, senior researcher at Citizen Lab, which has long studied how the programs work.

“Doing business with the U.S. government, getting acquired by a U.S. company or even doing business with an American police department is the golden price for many in the spyware industry,” he said. “As long as that remains as a possibility for problematic actors, they’re going to get support from investors.”

The committee is pushing U.S. spy agencies to “decisively act against counterintelligence threats posed by foreign commercial spyware,” according to the public version of its latest bill authorizing intelligence activities. The bill, which has not yet been voted on by the full House, proposes that the director of national intelligence “may prohibit” individual U.S. agencies from acquiring or using foreign commercial spyware.

But the bill would also allow any intelligence agency chief to seek a waiver from the director if the waiver “is in the national security interest of the United States.”

In a statement, NSO Group noted that the discussion over spyware “at times lacks balance (by) intentionally omitting their lifesaving benefits.”

“NSO reiterates that it thoroughly investigates any claim for illegal use of its technology by customers, and terminates contracts when illegal use is found,” the company said. “Nonetheless, it is critical to consider the benefits and alternatives to these critical technologies.”

Kanimba testified that she was alerted last year by a collective of journalists working with Citizen Lab and Amnesty International that there was reason to believe that she had been spied on. A subsequent forensic analysis of her phone revealed that she had been targeted by Pegasus spyware, she said.

She said the surveillance was triggered as she walked with her mother into a meeting with Belgium’s minister of foreign affairs – Rusesabagina holds Belgian citizenship and U.S. residency – and was active during calls with the State Department and with the office of the U.S. government’s special presidential envoy for hostage affairs.

Her family lives in San Antonio. Democratic Rep. Joaquin Castro, a committee member who represents that city, noted that his office’s communications may have been captured by Rwanda because he was advocating for Rusesabagina’s release.

The Rwandan Embassy in Washington did not respond to a request for comment.

Rusesabagina was sentenced for terrorism offenses related to his alleged links to the armed wing of his opposition political platform. Rusesabagina has denied supporting violence and called the verdict a “sham.”

Related: Apple Slaps Lawsuit on NSO Group Over Pegasus iOS Exploitation

Related: US Puts New Controls on Israeli Spyware Company NSO Group

Related: Apple Ships Urgent Patch for FORCEDENTRY Zero-Days

Related: Apple Confirms New Zero-Day Attacks on Older iPhones

view counter

Previous Columns by Associated Press:
Tags:



Source link

Tags: privatespywareVictimwarns
Share76Tweet47

Related Posts

Sentra Raises $30 Million for DSPM Technology

Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

August 13, 2023
0

Northern Ireland’s top police officer apologized Thursday for what he described as an “industrial scale” data breach in which the...

Minimizing Risk Through Proactive Apple Device Management: Addigy

Minimizing Risk Through Proactive Apple Device Management: Addigy

August 12, 2023
0

Enterprise IT teams are struggling to cope with three major forces of change: the evolving regulatory environment, a globally dispersed...

Decipher Podcast: Katelyn Bowden and TC Johnson

Decipher Podcast: Katelyn Bowden and TC Johnson

August 12, 2023
0

Veilid main site: https://veilid.com/ Cult of the Dead Cow site: https://cultdeadcow.com/ Source link

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack 

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

August 12, 2023
0

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under...

Used Correctly, Generative AI is a Boon for Cybersecurity

Used Correctly, Generative AI is a Boon for Cybersecurity

August 12, 2023
0

Adobe stock, by Busra At the Black Hat kickoff keynote on Wednesday, Jeff Moss (AKA Dark Tangent), the founder of...

Load More
  • Trending
  • Comments
  • Latest
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
Supply chain efficiency starts with securing port operations

Supply chain efficiency starts with securing port operations

March 15, 2022
Microsoft to Block Macros by Default in Office Apps

Qakbot Email Thread Hijacking Attacks Drop Multiple Payloads

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
Browse Safer and Faster Around the World with JellyVPN for just $34.99

Browse Safer and Faster Around the World with JellyVPN for just $34.99

October 3, 2023
Hackers Steal User’s Database From European Institute

Hackers Steal User’s Database From European Institute

October 3, 2023
Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

October 2, 2023
AWS Honeypot to Disrupt Threat Actors

AWS Honeypot to Disrupt Threat Actors

October 2, 2023

Recent Posts

Browse Safer and Faster Around the World with JellyVPN for just $34.99

Browse Safer and Faster Around the World with JellyVPN for just $34.99

October 3, 2023
Hackers Steal User’s Database From European Institute

Hackers Steal User’s Database From European Institute

October 3, 2023
Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

October 2, 2023

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • LetsAskBinuBlogs
  • Malware
  • Networking
  • Protection

Tags

Access attack Attacks banking BiWeekly bug Cisco cloud code critical Cyber Cybersecurity Data Digital exploited financial Fintech Flaw flaws Google Group Hackers Krebs Latest launches malware Microsoft million Network News open patches platform Ransomware RoundUp security services Software Stories TFT Threat Top vulnerability warns Week

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved