Vietnam accused of Predator spyware attack on EU and US politicians
Awkward, seeing as the US and Vietnam just announced a refreshed relationship
Amnesty International has accused the government of Vietnam of acquiring the notorious Predator spyware and using it for nefarious ends – including attempts to infect US and European lawmakers.
The human rights org on Monday published a report titled "The Predator Files: Caught in the Net" that details the use of spyware and its impact on human rights.
Predator is the product of a group called Intellexa that has earned itself a place on the US's list of banned tech. Analysis of the spyware suggests that when present on an Android smartphone it can record audio and steal info from messaging apps – and do it after zero-click installs that leave users oblivious to its presence.
Amnesty International's assessment of Predator describes it as "highly invasive spyware that by default gains total access to all data stored or transmitted from the target's device, and which is designed to leave no traces on the target device, to render any independent audit of potential abuses impossible." The spyware can be installed with a zero-click attack or even by a foe in close proximity to a device.
The report suggests that one of Intellexa's clients is the government of Vietnam and details the activities of a defunct X/Twitter account that used the handle @JOSEPH_GORDON16. In Amnesty's telling, @JOSEPH_GORDON16 posted messages that bore links to Intellexa servers and which, if clicked, would likely have installed Predator.
Amnesty asserts the account targeted "a Berlin-based independent news website, political figures in the European Parliament, the European Commission, academic researchers, and think tanks. In addition to these, other attempted targets include United Nations officials, the president of Taiwan, United States senators and representatives, and other diplomatic authorities."
The report suggests "agents of the Vietnamese authorities, or persons acting on their behalf, may be behind the spyware campaign."
Which is quite something, given US president Joe Biden last month visited Vietnam and announced "a historic new phase of bilateral cooperation and friendship," plus a Comprehensive Strategic Partnership.
The report declares that spyware is incompatible with human rights and alleges that – despite regulations requiring approval before its export – authorities in some European nations have ignored those requirements. On other occasions, export controls "have been circumvented," allowing sales of Predator that should not have been allowed. Greece and France are named as nations that have allowed Predator sales to Madagascar and Sudan.
The report calls for all governments to recognize the human rights impact of spyware, and work harder to prevent its use.
- Stalkerware slinger LetMeSpy shuts down for good after database robbery
- Another security update, Apple? You're really keeping up with your tech rivals
- Arm patches GPU driver bug exploited by spyware to snoop on targets
- Pot calls the kettle hack as China claims Uncle Sam did digital sneak peek first
Amnesty previously worked with journalism advocacy organization Forbidden Stories to allege widespread misuse of the Pegasus spyware. It claimed it was sold by an Israeli entity called the NSO Group, which promoted its zero-click install feature as just the thing for governments that needed to keep tabs on criminals or threats to national security.
NSO Group insisted it would only sell it to users who could prove the software would be deployed in legitimate law enforcement actions. Amnesty asserted that Pegasus had been widely used for other purposes, including snooping on heads of state, academics, diplomats, human rights advocates, and media figures.
NSO Group denied the allegations and stopped answering questions about its products and how they are used.
Intellexa also claimed to provide tools for law enforcement agencies and billed itself as EU-regulated before its website disappeared. Archived copies of intellexa.com reveal it claimed "Our cutting-edge technological platforms will help you to protect your communities from criminal activities, making them feel safer and more secure."
Amnesty believes the opposite is true. ®