S’pore academic among at least 50 targeted by spyware campaign between Feb and June: Report
SINGAPORE - A Singapore academic was among at least 50 targets of a foreign spyware campaign earlier in 2023, said Amnesty International in a report published on Oct 9.
It involved the sharing of malicious links on social media that seemingly redirected them to news articles, according to the report.
Dr Collin Koh Swee Lean, a senior fellow at the S. Rajaratnam School of International Studies’ (RSIS) Institute of Defence and Strategic Studies, was among a string of academics targeted between February and June.
Targets were sent links from an account called @Joseph_Gordon16 on social media platform X, formerly known as Twitter.
The report said the account likely had ties to Vietnam, despite the account claiming to be based in Singapore. X allows users to manually key in any location on their profiles.
The account has since been taken down.
Other targets selected included journalists, “academic researchers working on security issues in the South China Sea and Vietnam”, politicians in the European Parliament, Taiwan President Tsai Ing-wen, and several think-tanks and research organisations, said the report.
People involved in international fishing regulations were also targeted. This group included senior political officials in the European Union, the United States and elsewhere.
The Predator spyware program was sent to these people and organisations. It was developed by the Intellexa group, which was founded in 2018 by former Israeli intelligence officer Tal Dilian, and sold by a network of European companies called the Intellexa Alliance.
The program can gain total access to all the data stored in or sent from a device, including photographs, location data, chat messages and recordings, without leaving a trace.
The spyware was distributed through embedded links in posts on X that were disguised as news articles on Hong Kong daily South China Morning Post’s (SCMP) website, but redirected those who opened the links to malicious websites which would install the program on their devices.
Although these links featured previews to legitimate SCMP articles, such as an April 10 story about Chinese forces monitoring a US warship passing near the Spratly Islands, a sign that they were fake was the shortened URLs used, such as “southchinapost.net”.
SCMP’s Web address is www.scmp.com
The Spratlys, a group of islands in the South China Sea, are claimed by Brunei, China, Malaysia, Taiwan, the Philippines and Vietnam.
Dr Koh told The Straits Times that he did not know about the attempt to spy on him until after the Amnesty International report was published.
He did not recall clicking on any of the three links sent to him in April and May.
“As a matter of principle and habit, I click only on links shared by people I know on X, and not those shared by unknown accounts,” said the maritime security expert.
When contacted, RSIS said it did not know of the attempts to spy on Dr Koh, but tries to protect itself from such intrusions.
The think-tank and graduate school added that it has guidelines for social media usage. It periodically reminds staff to be careful and practise good social media habits, and to be vigilant when dealing with suspicious links, especially if these were shared by unknown accounts or sources.
The Ministry of Home Affairs said: “The Government has all along advised the public to be wary of e-mails, text messages and social media messages with suspicious URL links and to verify the authenticity of these messages before clicking on these links or attachments.”
ST has contacted SCMP for more information.
The findings in the report, dubbed the Predator Files, come after a year-long investigation based on confidential documents obtained by French investigative outlet Mediapart and German news outlet Der Spiegel.
Some 15 news outlets were involved, including the Washington Post, as well as analysts from Amnesty International’s Security Lab.
The media outlets discovered that 25 countries had bought the spyware, including Singapore. The report did not elaborate on whether the buyers were individuals, organisations or governments.
Other countries that were named as clients include Austria, Congo, Germany, Jordan, Kenya, Oman, Pakistan, Qatar, Switzerland, the United Arab Emirates and Vietnam.
Read the full story for $0.99/month
Save more than 90% on your subscription and get over 500 subscriber-only articles every month.
ST All-Digital Package - Monthly
$29.90 $0.99/month
No contract
$0.99/month for the first 3 months, $29.90/month thereafter. T&Cs apply.
Unlock these benefits
Get subscriber-only articles on ST Web and app
Easy access on up to 4 devices
2-week e-paper archive to ensure you never miss out on news that matters to you
Join ST's WhatsApp Channel and get the latest news and must-reads.
No comments:
Post a Comment