from the more-bad-news-on-the-press-freedom-front dept
Columbia Journalism Review is reporting it has witnessed more malware attacks targeting journalists. An article by Financial Times cyber security head Ahana Datta details attempts to compromise a Middle East correspondent's phone via WhatsApp.
The correspondent, who I will not name for reasons that will soon become clear, mentioned that in recent weeks they had been receiving mysterious WhatsApp calls. The numbers were unrecognized. Afterward, their phone battery had drained quickly. And they were sometimes unable to end other calls, because the screen seemed to freeze.
They had been working on an investigation into surveillance on journalists and human rights activists in a particular Middle Eastern nation, and had been in contact with sources the government was hostile to. We decided the reporter was safer with a separate device for this story.
This unnamed reporter wasn't the only one targeted. Datta asked other journalists if they'd experienced similar issues. Four reporters also had noticed unusual performance issues and reported they had received fake SMS authentication codes for secure messaging apps -- codes that were sent unprompted. A few had been duped into downloading unknown software. Others reported their phones behaving strangely after their devices had been in the hands of others, like personnel at border checkpoints.
Touring other Financial Times branches, Datta found more of the same, even if the deployment methods varied a bit.
In parts of Eastern Europe, the flavor seems to be plausible deniability: threats commonly manifest in the form of creative phishing attacks, such as imposters trying to connect on LinkedIn or impersonating emails from known contacts.
[...]
Support the originator by clicking the read the rest link below.
