Latest news with #CitizenLab
Bloomberg
02-05-2025
- Politics
- Bloomberg
Thai Security Services Doxxing Activists, Watchdog Says
Thai security services are doxxing pro-democracy activists on Facebook and X, urging their followers to harass them in a campaign of intimidation, cybersecurity researchers said. The country's security services control an X account that has posted photos of more than 100 protesters, researchers at the watchdog group Citizen Lab said in a report published Wednesday. The account, purported to be run by a middle-aged businesswoman known as Juk Khlong Sam, is still active and has gained more than 110,000 followers, often urging action against those pictured. Several active Facebook accounts with a combined 130,000 followers used the same playbook, researchers said.
The Guardian
20-03-2025
- Business
- The Guardian
Australian government agencies could be customers of Israeli spyware, research suggests
Australian government agencies could be customers of military-grade spyware from Israeli firm Paragon Solutions, a new report suggests. In January, Meta revealed more than 90 people, including journalists, had their WhatsApp compromised by the software, although it is unknown if any Australians were targeted. In a report published by the Citizen Lab on Wednesday, the group identified two IP addresses located in Australia among countries where the company's Graphite spyware tool was suspected to have been used. Citizen Lab had received a tip which they believe allowed Paragon's server infrastructure to be mapped. The software can provide full access to the instant messaging apps on a user's device. The service is only sold to governments around the world. It is not sold to private enterprises. Sign up for Guardian Australia's breaking news email Neither of the Australian domains listed in the report show any records of having being owned before, according to a who-is domain search conducted on the two sites listed. The domains could have been used by any federal or state agency. Sources have told Guardian Australia that the Department of Home Affairs and Australian Signals Directorate have no links to Paragon Solutions. When asked if Paragon had Australian customers, or if the software had been used to target Australians, the company did not directly respond to the question. 'Paragon's mission is to support national security and law enforcement agencies, in full accordance with applicable laws and regulations, in their fight against serious crime and terrorism while minimising the impact on privacy,' the company's executive chairman, John Fleming, said. 'Paragon maintains a robust due diligence framework to vet customers, ensuring they operate within democratic systems and that their law enforcement and intelligence agencies have the proper legal framework to use our tools. We have a zero-tolerance policy for customers who violate our terms of service, and a proven track record of enforcing those rules.' If the Australian government is a customer there is no suggestion by Citizen Lab in their report that they have misused it or violated Paragon's terms of service. The Citizen Lab report came after WhatsApp owner, Meta announced in January it had 'high confidence' that 90 journalists and other members of civil society had been compromised on the messaging platform, after being targeted by spyware owned by Paragon Solutions. WhatsApp had sent Paragon a cease and desist letter and said it was exploring its legal options. The company alerted those who had been targeted at the time. Sign up to Breaking News Australia Get the most important news as it breaks after newsletter promotion When asked whether Australians were targeted, Meta declined to comment further. An Italian investigative journalist, Francesco Cancellato, who is known for exposing young fascists within prime minister Giogia Meloni's far-right party, came forward after receiving a notification from WhatsApp about the attack. Paragon Solutions terminated its contract with Italy after the revelations. Meloni's office denied that domestic intelligence services or the government were behind the alleged breaches against the journalist and activists. Citizen Lab, based at the University of Toronto, are specialists at researching cyber and surveillance techniques.
Yahoo
20-03-2025
- Politics
- Yahoo
Ontario police may have secretly used controversial Israeli spyware, report finds
Researchers say Ontario Provincial Police (OPP) may have secretly used controversial Israeli spyware technology, raising concerns about potential spying on citizens. Citizen Lab, which investigates digital espionage against civil society, released a report Wednesday identifying "possible links" between the OPP and Paragon Solutions, a company that sells military-grade spyware called Graphite to government clients. Graphite can be used to hack into phones, and was recently found to have been used against an Italian journalist and activists who supported migrants, after Meta-owned messaging app WhatsApp reported to nearly 100 users in January that their cellphones may have been compromised. Human rights group Amnesty International called the discovery out of Italy "alarming" and said it underscored worsening digital surveillance across Europe. Based on a tip from a collaborator, Citizen Lab mapped out servers connected to Paragon's Graphite tool and found suspected deployments at five IP addresses in Ontario. One of those IP addresses was traced to OPP headquarters in Orillia, Ont. OPP did not confirm or deny the use of Paragon spyware. Acting Staff Sgt. Jeffrey Del Guidice said in an email to CBC News that the "interception of private communications" requires judicial authorization and is only used in serious criminal investigations. "The OPP uses investigative tools and techniques in full compliance with the laws of Canada, including the Charter of Rights and Freedoms," Del Guidice said. "Releasing information about specific investigative techniques and technology could jeopardize active investigations and threaten public and officer safety." Paragon was founded in Israel in 2019 and is now U.S.-owned. Its founders include former Israeli Prime Minister Ehud Barak, as well as Ehud Schneorson, the former commander of Israel's Unit 8200, a secretive cyber warfare unit that was tied to last year's pager attacks in Lebanon that killed more than 30 people and wounded thousands. The company's minimal website says it provides clients with "cyber and forensic capabilities to locate and analyze digital data, cyber workforce training, and critical infrastructure analysis and threat mitigation." Law enforcement use of spyware growing, researchers say Kate Robertson, a senior researcher at Citizen Lab, says the findings underscore the need for governments and privacy regulators to raise questions about the use of spyware against citizens, and for law enforcement agencies to be transparent about the tools they're using. "When governments themselves become buyers in this proliferating hack-for-hire industry, they're actually investing in the insecurity and vulnerability of our everyday devices that we depend heavily on to be safe for all of our daily needs," Robertson told CBC News. "It's really turning cybersecurity on its head, to have governments themselves help actors to harbour and exploit vulnerabilities, as opposed to patching them." Citizen Lab also reported in 2020 that the OPP developed a technology to scrape communications from private, password-protected online chatrooms without obtaining judicial authorization. WATCH | RCMP deputy commissioner discusses controversial usage of spyware technology: The group's Wednesday report also detailed evidence of "a growing ecosystem of spyware capability" among both the RCMP and Ontario-based police services. In 2022, the RCMP admitted it had used spyware that it called an "On-Device Investigative Tool" (ODIT) from an unnamed vendor to collect data and infiltrate mobile devices in more than 30 investigations dating back to 2017, without consulting the public or the Privacy Commissioner of Canada. Citizen Lab researchers obtained public court records showing OPP had also used the RCMP's ODITs in a 2019 investigation, and that the Toronto Police Service (TPS) independently obtained ODIT software from an unknown source. They say they also learned of other cases that have been before Ontario courts, or are currently before them, involving other police services that possess ODITS or have sought authorization to deploy them, including York Regional Police Service, Hamilton Police Service and Peel Regional Police Service, in addition to OPP and TPS. "The apparent expansion of spyware capabilities to potentially multiple police services across Ontario reflects a widening gap in public awareness surrounding the extent to which mercenary spyware is being deployed in Canada," the report states. CBC News reached out to both the Information and Privacy Commissioner of Ontario and the Office of the Privacy Commissioner of Canada, but did not hear back in time for publication.
CBC
20-03-2025
- Politics
- CBC
Ontario police may have secretly used controversial Israeli spyware, report finds
Social Sharing Researchers say Ontario Provincial Police (OPP) may have secretly used controversial Israeli spyware technology, raising concerns about potential spying on citizens. Citizen Lab, which investigates digital espionage against civil society, released a report Wednesday identifying "possible links" between the OPP and Paragon Solutions, a company that sells military-grade spyware called Graphite to government clients. Graphite can be used to hack into phones, and was recently found to have been used against an Italian journalist and activists who supported migrants, after Meta-owned messaging app WhatsApp reported to nearly 100 users in January that their cellphones may have been compromised. Human rights group Amnesty International called the discovery out of Italy "alarming" and said it underscored worsening digital surveillance across Europe. Based on a tip from a collaborator, Citizen Lab mapped out servers connected to Paragon's Graphite tool and found suspected deployments at five IP addresses in Ontario. One of those IP addresses was traced to OPP headquarters in Orillia, Ont. OPP did not confirm or deny the use of Paragon spyware. Acting Staff Sgt. Jeffrey Del Guidice said in an email to CBC News that the "interception of private communications" requires judicial authorization and is only used in serious criminal investigations. "The OPP uses investigative tools and techniques in full compliance with the laws of Canada, including the Charter of Rights and Freedoms," Del Guidice said. "Releasing information about specific investigative techniques and technology could jeopardize active investigations and threaten public and officer safety." Paragon was founded in Israel in 2019 and is now U.S.-owned. Its founders include former Israeli Prime Minister Ehud Barak, as well as Ehud Schneorson, the former commander of Israel's Unit 8200, a secretive cyber warfare unit that was tied to last year's pager attacks in Lebanon that killed more than 30 people and wounded thousands. The company's minimal website says it provides clients with "cyber and forensic capabilities to locate and analyze digital data, cyber workforce training, and critical infrastructure analysis and threat mitigation." Law enforcement use of spyware growing, researchers say Kate Robertson, a senior researcher at Citizen Lab, says the findings underscore the need for governments and privacy regulators to raise questions about the use of spyware against citizens, and for law enforcement agencies to be transparent about the tools they're using. "When governments themselves become buyers in this proliferating hack-for-hire industry, they're actually investing in the insecurity and vulnerability of our everyday devices that we depend heavily on to be safe for all of our daily needs," Robertson told CBC News. "It's really turning cybersecurity on its head, to have governments themselves help actors to harbour and exploit vulnerabilities, as opposed to patching them." Citizen Lab also reported in 2020 that the OPP developed a technology to scrape communications from private, password-protected online chatrooms without obtaining judicial authorization. WATCH | RCMP deputy commissioner discusses controversial usage of spyware technology: 3 years ago Duration 10:29 The group's Wednesday report also detailed evidence of "a growing ecosystem of spyware capability" among both the RCMP and Ontario-based police services. In 2022, the RCMP admitted it had used spyware that it called an "On-Device Investigative Tool" (ODIT) from an unnamed vendor to collect data and infiltrate mobile devices in more than 30 investigations dating back to 2017, without consulting the public or the Privacy Commissioner of Canada. Citizen Lab researchers obtained public court records showing OPP had also used the RCMP's ODITs in a 2019 investigation, and that the Toronto Police Service (TPS) independently obtained ODIT software from an unknown source. They say they also learned of other cases that have been before Ontario courts, or are currently before them, involving other police services that possess ODITS or have sought authorization to deploy them, including York Regional Police Service, Hamilton Police Service and Peel Regional Police Service, in addition to OPP and TPS. "The apparent expansion of spyware capabilities to potentially multiple police services across Ontario reflects a widening gap in public awareness surrounding the extent to which mercenary spyware is being deployed in Canada," the report states.
Yahoo
19-03-2025
- Business
- Yahoo
Paragon Spyware Tool Linked to Canadian Police, Watchdog Says
(Bloomberg) -- A Canadian law enforcement agency is suspected to have used spyware designed to hack into mobile phones and eavesdrop on messages, according to cybersecurity researchers from the University of Toronto. NYC Plans for Flood Protection Without Federal Funds Despite Cost-Cutting Moves, Trump Plans to Remake DC in His Style A Malibu Model for Residents on the Fire Frontlines The Scary Thing About the Wildfire That Was Stopped Tel Aviv-based Paragon sells the spyware to governments and law enforcement agencies for the purposes of fighting serious crime. However, Meta Platforms Inc.'s WhatsApp said in February it had identified Paragon's technology being used against activists and journalists in Europe. Researchers at the watchdog group Citizen Lab in a report published Wednesday said they found evidence linking Paragon's spyware to countries including Australia, Canada, Cyprus, Denmark, Israel, and Singapore. Paragon's spyware, known as 'Graphite,' breaks into a device and covertly records messages sent using WhatsApp and other encrypted chat apps, such as Signal. Citizen Lab found that spyware victims, who were using Android phones, had been added to a WhatsApp group and then sent a malicious PDF file, which silently compromised the devices without them clicking on the PDF or otherwise engaging in the group. Citing a detailed analysis of digital records, the research organization said it suspected that computers under the control of Ontario Provincial Police had deployed the spyware. John Fleming, executive chairman of Paragon's US division and a former assistant director of the Central Intelligence Agency, said in a statement that some of Citizen Lab's research 'appears to be inaccurate,' but declined to offer specifics. He said Paragon's technology was designed to support counterterrorism, counter-narcotics, and counterintelligence. 'We require all users of our technology to adhere to terms and conditions that preclude the illicit targeting of journalists and other civil society leaders,' Fleming said. 'While we are not able to discuss individual customers, we have a zero-tolerance policy for violations of our terms of service.' Ontario Provincial Police didn't immediately respond to a request for comment. Paragon's spyware enables what are known as 'zero click' intrusions, because they require no user interaction for the phone to be compromised. Once it had gained a foothold on the device, the spyware appeared to hide itself within other legitimate apps on the phone, making it difficult to discover, according to Citizen Lab's report. John Scott-Railton, senior researcher at Citizen Lab, said the findings amounted to the first-ever public forensic analysis of Paragon's spyware. He called on governments to be more transparent about how they are using the technology. 'We just know, even in democracies, states have an appetite for abusing secret surveillance powers, and the more secret this stuff is, the more likely it is to be abused,' said Scott-Railton. Paragon has previously said it would only sell its technology to democratic governments, positioning itself as an alternative to Israel's notorious spyware seller NSO Group, which was persistently dogged by allegations of helping autocratic governments target journalists and activists. WhatsApp announced in February that it discovered Paragon's spyware had been used in a hacking campaign that had targeted nearly 100 people across Europe, including activists and journalists. A WhatsApp spokesperson said commercial spyware had been 'weaponized' to target civil society and added companies selling it 'must be held accountable.' Paragon didn't respond to requests for comment on WhatsApp's allegations. In December, Paragon was acquired by US private equity firm AE Industrial Partners in a deal worth up to $900 million. A representative for AE declined to comment. Tesla's Gamble on MAGA Customers Won't Work The Real Reason Trump Is Pushing 'Buy American' How TD Became America's Most Convenient Bank for Money Launderers The Future of Higher Ed Is in Austin A US Drone Maker Tries to Take Back the Country's Skies ©2025 Bloomberg L.P.
