Human rights activist targeted by spyware
News / Human rights activist targeted by spyware
2 MIN READ
A leading human rights activist from Togo has recently been the target of spyware by a threat actor known to strike victims in South Asia, the hacker group is known by the name “Donot Team”. This incident is the group’s first incursion into digital surveillance in Africa.
Persistent Malicious Attacks
Amnesty International has uncovered evidence linking the group's infrastructure to an Indian company called Innefu Labs. They don’t claim that Innefu Labs were directly involved in targeting the activist, but rather that digital forensics uncovered trails, including IP addresses, that connect the company to the tools used to target the victim.
The responsible party has also been linked to several cyber offensives in India and Pakistan.
The activist, who wishes to remain unnamed, is believed to have been targeted with the help of fake Android applications and spyware loaded emails that could access devices. Amnesty International has stated that the persistent attacks over WhatsApp and email tried to trick the victim into installing a malicious application disguised as a secure chat application when in fact it was a custom piece of Android spyware, designed to extract some of the most sensitive and confidential and personal information stored on the activist’s phone.
The Togolese activist has worked with civil society organisations and is a crucial voice for human rights in the country. Their devices were hacked between December 2019 and January 2020 during the tense political climate before the election of the Togolese president.
Human Rights Receding
Human rights work in Togo has rapidly declined in recent years as the government decided to introduce laws curtailing the rights to freedom of expression and peaceful assembly back in 2019. Togo has also seen cases of human rights violations committed by authorities, especially against pro-democracy activists.
The threat of targeted surveillance can cause a huge burden on activists and have a devastating effect on their human rights work. Cyber surveillance could lead to more than a loss of work; if information managed to get back to government authorities then activists could find themselves in serious trouble.
Innefu Labs Response to the Attack
Innefu labs responded to Amnesty International in a statement denying the existence of any link between Innefu Labs and the Spyware associated with “Donot Team” and the attack against the human rights activist in Togo. They also stated that they are not aware of any use of their IP address for the alleged incident.
How secure is
your school?
How secure is
your school?