image courtesy pixabay.com
Clicking a seemingly harmless link can jeopardize both your device and personal data. A recent report has issued a warning based on findings that reveal cyber-surveillance firms actively focusing on journalists, policymakers, and academic researchers through various social media platforms.
While we’ve been advised to exercise caution with anonymous emails and messages to avoid potential phishing links, it’s now evident that users frequently share news articles and links on their social media profiles. Amnesty International’s Security Lab conducted an in-depth examination of the strategies employed by hackers who discreetly insert malicious links within comment sections on platforms such as X and Meta. With just a single click, these links have the power to compromise an unsuspecting user’s device.
As we casually browse through the comments on our social media posts, there lies a hidden danger— a deceptively attractive link that could serve as a gateway to a digital nightmare. Clicking on this seemingly innocuous link might not only put your device at risk but could also unleash a relentless hacker eager to access your personal data and secrets.
The report underscores the alarming reality of cyber-surveillance firms actively targeting journalists, policymakers, and academic researchers through social media platforms. What’s even more concerning is the covert approach employed by these companies as they discreetly distribute one-click spyware links within comments across various social media platforms.
For instance, a Twitter account with the handle ‘@Joseph_Gordon16’ was found to be actively sharing these malicious links as responses to tweets. What set these links apart was the use of deceptive custom URLs, cleverly mimicking legitimate news websites.
Interestingly, ‘@Joseph_Gordon16’ targeted both the official account of the European Commission (X) and the President of the European Parliament, Roberta Metsola, using the same malicious link from a spoofed southchinapost[.]net URL.
According to the report, on April 14, 2023, the operator behind the ‘@Joseph_Gordon16’ account tweeted an attack link at Tsai Ing-Wen, the President of Taiwan. This link was indirectly sent to the United States (US) Senator for North Dakota, John Hoeven (@SenJohnHoeven), due to his mention in Tsai Ing-Wen’s original tweet.
The link caavn[.]org was set up with the intention of diverting link preview requests to the legitimate South China Morning Post website. This crafty maneuver was likely orchestrated to create a legitimate link preview, a common tactic employed by cyber attackers to infiltrate unsuspecting users’ devices with spyware.
Furthermore, another Facebook account joined in the dissemination of these malicious links, featuring the same spyware domains. Using the name ‘Anh Tran,’ this Facebook account shared links that included the caavn[.]org domain. The use of identical custom domain names in links from both accounts strongly suggests a possible connection between these two social media profiles and a single operator with malicious intent.
Additional investigation conducted by Google’s Threat Analysis Group confirmed that the domains and URLs shared by the ‘@Joseph_Gordon16’ account are indeed associated with Intellexa’s Predator spyware system. This invasive tool can provide complete access to a target’s device, leaving no trace behind to avoid detection.
Intellexa presents itself as an EU-based, regulated company primarily serving law enforcement with intelligence products. Its partners include Nexa Technologies, Advanced Middle East Systems, WiSpear, Cytrox, and Senpai Technologies, overseeing various corporate entities across multiple jurisdictions.
Over the past decade, civil society groups, researchers, and journalists have consistently revealed a deeply concerning trend—a global pattern where governments unlawfully target activists, journalists, and officials through spyware tools created by private cyber-surveillance firms. These firms target individuals via social media, raising serious concerns. Vigilance, robust cybersecurity measures, and international cooperation are imperative to safeguard digital rights and privacy.
News Courtesy: indiatoday.in