Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Lebanon Must Investigate Claims of Mass Spying: Rights Groups

Eight rights groups including Human Rights Watch called on Lebanese authorities Wednesday to investigate reports of a massive espionage campaign traced back to a government security agency.

Eight rights groups including Human Rights Watch called on Lebanese authorities Wednesday to investigate reports of a massive espionage campaign traced back to a government security agency.

Digital researchers last week said they had uncovered a hacking campaign using malware-infected messaging apps to steal smartphone data from people in more than 20 countries, including journalists and activists.

The report tracked the threat, which the researchers dubbed “Dark Caracal“, to a building in Beirut belonging to the Lebanese General Security Directorate.

Eight rights groups and media organizations called on Lebanon’s general prosecutor on Wednesday to investigate who was behind the campaign.

“If these allegations are true, this intrusive surveillance makes a mockery of people’s right to privacy and jeopardises free expression and opinion,” said Lama Fakih, deputy Middle East director at Human Rights Watch. “Lebanese authorities should immediately end any ongoing surveillance that violates the nation’s laws or human rights, and investigate the reports of egregious privacy violations.”

Other signatories included the Lebanese Center for Human Rights (CLDH), the SKeyes Center for Media and Cultural Freedom, and Lebanon’s Social Media Exchange (SMEX).

Hundreds of gigabytes of data have been taken from thousands of victims in more than 21 countries, said the report, authored by digital rights group Electronic Frontier Foundation and mobile security firm Lookout.

They called Dark Caracal “one of the most prolific” mobile espionage campaigns to date. With fake versions of secure messaging services like WhatsApp and Signal, the scheme has enabled attackers to take pictures, capture audio, pinpoint locations, and mine handsets for private data.

According to the report, Dark Caracal used FinFisher, surveillance software used by governments around the world.

In 2015, Toronto-based research group Citizen Lab found that General Security and other Lebanese security forces have used FinFisher for surveillance in Lebanon.

General Security chief Abbas Ibrahim did not explicitly deny the report.

“The report is very, very, very exaggerated. We don’t have these capabilities. I wish we had those abilities,” he said.

In comments to the media, Interior Minister Nouhad Mashnuq also appeared to confirm there was at least some truth to the report. “It’s not that it’s not true, it’s just very overblown,” said Mashuq.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.