'The iPhone that Moroccan journalist Omar Radi used to contact his
sources also allowed his government to spy on him (and at least two
other journalists), reports the Toronto Star, citing new research from
Slashdot reader Iwastheone shares their report:
Their government could read every email, text and website visited;
listen to every phone call and watch every video conference; download
calendar entries, monitor GPS coordinates, and even turn on the camera
and microphone to see and hear where the phone was at any moment.
Yet Radi was trained in encryption and cyber security. He hadn't
clicked on any suspicious links and didn't have any missed calls on
WhatsApp — both well-documented ways a cell phone can be hacked.
Instead, a report published Monday by Amnesty International shows Radi
was targeted by a new and frighteningly stealthy technique. All he had
to do was visit one website. Any website.
Forensic evidence gathered by Amnesty International on Radi's phone
shows that it was infected by "network injection," a fully automated
method where an attacker intercepts a cellular signal when it makes a
request to visit a website. In milliseconds, the web browser is
diverted to a malicious site and spyware code is downloaded that
allows remote access to everything on the phone. The browser then
redirects to the intended website and the user is none the wiser.
Two more human rights advocates in Morocco have been targeted by the
same malware, the article reports.'
-- source: https://yro.slashdot.org/story/20/06/27/029222
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174