Credits: FT News
A spying campaign that uses fake versions of encrypted apps to hack smartphones has been traced to Lebanon’s intelligence agency, revealing the growing capabilities of nation-state hackers beyond the global superpowers.
The hackers created fake versions of WhatsApp, Telegram and Signal to lure victims into a false sense of security, according to a report by mobile security company Lookout and the Electronic Frontier Foundation.
Once victims downloaded the apps from a fake app store, the hackers used them to commandeer smartphones in more than 20 countries. The report claims Lebanon was probably behind the attacks because the researchers discovered a set of test devices, which were aimed at ensuring that the malicious software and infrastructure were working properly, inside the headquarters of the country’s intelligence agency.
“As encryption becomes more ubiquitous, it gets harder to spy on people en masse, so governments will turn to these cheap and effective technologies to spy on dissident journalists, human rights activists, etc,” said Cooper Quintin, a security researcher and technologist at the EFF, a non-profit advocacy group based in San Francisco. A spokesman for Lebanon’s General Security declined to comment.
The hacking campaign — believed to have started in 2012 and to still be operational — shows the capabilities of a nation state not thought to be among the top cyber actors, which include the US, China and Russia. Hacking tools, know-how and infrastructure have filtered out to a wider range of countries that have adopted the technique for surveillance of their own populations and espionage abroad.
Vulnerabilities discovered by one set of hackers can later be used by others. For example, the leak of an exploit in Windows thought to originate from the US National Security Agency was used by the hackers behind last year’s WannaCry ransomware attack, which the US blamed on North Korea.
The alleged Lebanese hackers spread their net widely, infecting phones that belonged to everyone from military personnel to activists, journalists, lawyers, business people, medical professionals and people working at educational institutions. After they had hacked the phones, they were able to gather data including corporate documents, call records, text messages, browsing history and photos.