In the online ploy, fake journalists tried to hack Saudi critic
In the online ploy, fake journalists tried to hack Saudi critic
The Associated Press has discovered that hackers posing as journalists tried to intercept communications from a prominent Saudi opposition figure in Washington.
One attempt involved the fabrication of a bogus BBC secretary and an elaborate request for a television interview; the other involved the impersonation of murdered Washington Post columnist Jamal Khashoggi to deliver a malicious link.
Defenders of media rights denounced the piracy effort, which they said would make it difficult for genuine reporters to do their job.
"It's incredibly dangerous to employ this kind of tactic," said Elodie Vialle, who heads the technology desk at Paris-based Reporters Without Borders. "The chilling effect is that people are discouraged from talking to journalists, and in the end this undermines freedom of information."
The most involved masquerade took place in February of this year, when someone posing as a BBC journalist named "Tanya Stalin" sent an email to the Saudi-based dissident Ali AlAhmed in Washington, inviting him to a live broadcast on Saudi Arabia. Stalin got involved with AlAhmed for several days, sent him a list of proposed topics and told him about the logistics of his apparent appearance on television.
Al Ahmed said he knew from the beginning that something was happening.
To begin with, Stalin said that his position was "Secretary of the Editor-in-Chief," a title that did not correspond to a job normally performed by producers or reserve managers. Even stranger, the message came through Gmail instead of an official BBC address.
And then there was his last name that raised his eyebrows.
"Stalin's business threw me out," AlAhmed said in a recent interview. "I asked my wife, who is Russian, and she said: 'Nobody has this name.'"
Al Ahmed was right. The BBC said it did not know anyone named "Tanya Stalin" who worked for the station and that the title she held did not exist formally. An Associated Press analysis of his messages suggests that the interview request was a carelessly executed trap, an attempt to have AlAhmed click on a malicious link and enter his inbox.
Al Ahmed believes that Saudi Arabia is behind Stalin's emails, as well as dozens of other suspicious messages he has received over the past year. A November 2017 letter allegedly came from Khashoggi, whose murder last month on the grounds of the Saudi Arabian Consulate in Istanbul has focused international attention on the brutality of the leadership of the Arab kingdom.
The Embassy of Saudi Arabia in Washington did not respond to written questions from the PA.
The Washington Post's executive editor, Marty Baron, said the stealing of Khashoggi's identity by hackers was "despicable."
A researcher from Internet regulator Citizen Lab recently reviewed AlAhmed's emails and confirmed that they were malicious, although he did not draw a link between the different messages or blame anyone for the piracy campaign.
"This was a targeted operation designed to gain access to their accounts and private communications," said John Scott-Railton, whose group is located at the Munk School of Global Affairs at the University of Toronto. "This seems to be closely linked to their political activities."
Some of the messages, such as a warning to install a "free security update" called "Ninja Security," were generic phishing messages of the type used by criminals and spies around the world. But many of the 40 malicious messages recovered from AlAhmed's inbox were very much in tune with current events in the Gulf.
Most disturbing was a May 31 message disguised as an event photography service, with photos of AlAhmed holding a microphone during a question and answer session with Qatar's foreign minister at the American Enterprise Institute in Washington.
The photos, which appear to have been taken from a publicly available video of the event, suggest that the hackers or someone working with them had been closely monitoring AlAhmed's whereabouts.
"That email was really when I felt scared," said AlAhmed, who says his work is largely self-funded. "They're actually physically here, they're watching me."
Scott-Railton said the persistence of the hackers and the variety of different tactics they used to try to open AlAhmed's inbox pointed to a labor-intensive effort to engage the Saudi war fly.
"For a prolonged period of time, humans were given the task of getting into their computer and getting into their head," Scott-Railton said.
As a critic of Saudi Arabia's ruling family, AlAhmed has been a regular on cable news in Arabic and English for more than a decade. For a long time he has served Washington journalists as a source about the problems of the kingdom, especially in relation to extremist propaganda in the country's school textbooks.
Saudi Arabia is a well-known cyberespionage practitioner. The country was exposed as a client of the famous Italian surveillance firm Hacking Team in 2015 and a mysterious Saudi investor has since acquired a minority stake in the company, according to a Motherboard report published this year.
Recent reports from Citizen Lab and the human rights group Amnesty International have also documented the use of Israeli-made spyware to access the smart phones of Saudi human rights activists, including Omar Abdulaziz, based in Canada, who was working with Khashoggi in several confidential projects. The columnist was killed.
Whoever is behind the false person of Tanya Stalin or of the false emails of Jamal Khashoggi, the messages give an idea of how the always overlapping superimposition between espionage and journalism has evolved in the age of Internet, with backed hackers by the government that usually personifies journalists or news organizations. hunt their prey. Even the FBI has posed as reporters to hack their targets, at one point pretending to be an AP journalist to locate a computer from a bomb threat hacker.
Scott-Railton explained that posing as a journalist was the perfect way to have someone lower their guard and click on a link or open an attachment.
"It ticks all kinds of boxes," he said. "It explains the messages from nowhere and, as part of communications with journalists, it is expected to receive documents, such as questions in advance."
The attempt to hack AlAhmed by the name of Khashoggi involved a simple link sent by email, but Tanya Stalin's trick was unusually involved.
The hackers created a fake LinkedIn profile with more than 500 connections to corroborate their identity and pass it as a graduate of journalism schools in Columbia and Berkeley. The profile photo consisted of a shot by Souad Mekhennet, a true Washington Post journalist who writes about national security and the Middle East and has covered the aftermath of Khashoggi's death.
It is not clear why the hackers used Mekhennet's photo in the simulated profile or if they even tried particularly to make the person of "Tanya Stalin" credible. Stalin did not return the messages immediately for comments. Nor was the one behind Khashoggi's fake email.
Baron, the Washington Post's chief editor, said in his statement on Wednesday that he condemned the use of Mekhennet's image and the name of Khashoggi.
"To be clear, none of these distinguished journalists had any participation in these despicable schemes," he said.
---
Online:
You can contact Raphael Satter at: http://raphaelsatter.com
---
A selection of phishing emails sent to Ali AlAhmed: https://www.documentcloud.org/search/projectid:41381-Fake-Journalist-Hackers
.
!function(f,b,e,v,n,t,s)
{if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};
if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';
n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];
s.parentNode.insertBefore(t,s)}(window, document,'script',
'https://connect.facebook.net/en_US/fbevents.js');
fbq('init', '369524843414444');
fbq('track', 'PageView');
.
SOURCE LINK ERESVIRAL.COM https://www.beviral.online
Comentarios
Publicar un comentario