Leading Egyptian opposition politician targeted with spyware, researchers find

Sept. 24, 2023

By FRANK BAJAK

BOSTON (AP) — A leading Egyptian opposition politician was targeted with spyware multiple times after announcing a presidential bid — including with malware that automatically infects smartphones, security researchers have found. They say Egyptian authorities were likely behind the attempted hacks.

Discovery of the malware last week by researchers at Citizen Lab and Google’s Threat Analysis Group prompted Apple to rush out operating system updates for iPhones, iPads, Mac computers and Apple Watches to patch the associated vulnerabilities.

Citizen Lab said in a blog post that attempts beginning in August to hack former Egpytian lawmaker Ahmed Altantawy involved configuring his phone’s connection to the Vodaphone Egypt mobile network to automatically infect it with Predator spyware if he visited certain websites not using the secure HTTPS protocol.

Citizen Lab said the effort likely failed because Altantawy had his phone in “lockdown mode,” which Apple recommends for iPhone users at high risk, including rights activists, journalists and political dissidents in countries like Egypt.

Prior to that, Citizen Lab said, attempts were made beginning in May to hack Altantawy’s phone with Predator via links in SMS and WhatsApp messages that he would have had to click on to become infected.

Once infected, the Predator spyware turns a smartphone into a remote eavesdropping device and lets the attacker siphon off data.

Given that Egypt is a known customer of Predator’s maker, Cytrox, and the spyware was delivered via network injection from Egyptian soil, Citizen Lab said it had “high confidence” Egypt’s government was behind the attack

MORE

AP Exclusive: Polish opposition senator hacked with spyware

By VANESSA GERA and FRANK BAJAK

December 23, 2021

Polish Senator Krzysztof Brejza on the night of parliamentary elections on Oct. 13, 2019. An investigation by The Associated Press and Citizen Lab, a watchdog at the University of Toronto, has found that Brejza's mobile phone was hacked with military-grade Pegasus spyware nearly three dozen times in 2019 as he ran an opposition campaign to unseat the right-wing populist government in parliamentary elections. The ruling party won a slim majority and Brejza is convinced that the hacking of his phone gave it an unfair advantage. (AP Photo)
Polish Senator Krzysztof Brejza on the night of parliamentary elections on Oct. 13, 2019 (AP Photo)

WARSAW, Poland (AP) — Polish Sen. Krzysztof Brejza’s mobile phone was hacked with sophisticated spyware nearly three dozen times in 2019 when he was running the opposition’s campaign against the right-wing populist government in parliamentary elections, an internet watchdog found.

Text messages stolen from Brejza’s phone — then doctored in a smear campaign — were aired by state-controlled TV in the heat of that race, which the ruling party narrowly won. With the hacking revelation, Brejza now questions whether the election was fair.

It’s the third finding by the University of Toronto’s nonprofit Citizen Lab that a Polish opposition figure was hacked with Pegasus spyware from the Israeli hacking tools firm NSO Group. Brejza’s phone was digitally broken in to 33 times from April 26, 2019, to Oct. 23, 2019, said Citizen Lab researchers, who have been tracking government abuses of NSO malware for years.

The other two hacks were identified earlier this week after a joint Citizen Lab-Associated Press investigation. All three victims blame Poland’s government, which has refused to confirm or deny whether it ordered the hacks or is a client of NSO Group. State security services spokesman Stanislaw Zaryn insisted Thursday that the government does not wiretap illegally and obtains court orders in “justified cases.” He said any suggestions the Polish government surveils for political ends were false.

MORE