Salvadoran journalists’ phones hacked with spyware, report finds

Pegasus allows users to steal encrypted messages, photos, contacts, documents and other sensitive information from infected phones without users’ knowledge. (File/AFP)
Pegasus allows users to steal encrypted messages, photos, contacts, documents and other sensitive information from infected phones without users’ knowledge. (File/AFP)
Short Url
Updated 13 January 2022

Salvadoran journalists’ phones hacked with spyware, report finds

Pegasus allows users to steal encrypted messages, photos, contacts, documents and other sensitive information from infected phones without users’ knowledge. (File/AFP)
  • Report finds that nearly three dozen Salvadorian journalists had their phone hacked since mid-2020 and implanted by sophisticated spyware, aka Pegasus

SAN SALVADOR: The cell phones of nearly three dozen journalists and activists in El Salvador, several of whom were investigating alleged state corruption, have been hacked since mid-2020 and implanted with sophisticated spyware typically available only to governments and law enforcement, a Canadian research institute said it has found.
The alleged hacks, which came amid an increasingly hostile environment in El Salvador for media and rights organizations under populist President Nayib Bukele, were discovered late last year by The Citizen Lab, which studies spyware at the University of Toronto’s Munk School of Global Affairs. Human-rights group Amnesty International, which collaborated with Citizen Lab on the investigation, says it later confirmed a sample of Citizen Lab’s findings through its own technology arm.
Citizen Lab said it found evidence of incursions on the phones that occurred between July 2020 and November 2021. It said it could not identify who was responsible for deploying the Israeli-designed spyware. Known as Pegasus, the software has been purchased by state actors worldwide, some of whom have used the tool to surveil journalists.
In the El Salvador attack, the heavy focus on editors, reporters and activists working inside that single Central American country points to a local customer with a particular interest in their activities, said Scott-Railton, a senior researcher at Citizen Lab.
“I can’t think of a case where near-exclusive Pegasus targeting in one country didn’t wind up being a user in that country,” Scott-Railton said.
Citizen Lab released a report https://citizenlab.ca/2022/01/project-torogoz-extensive-hacking-media-ci... on its findings on Wednesday.
In a statement to Reuters, Bukele’s communications office said the government of El Salvador was not a client of NSO Group Technologies, the company that developed Pegasus. It said the administration is investigating the alleged hacking and had information that some top administration officials also might have had their phones infiltrated.
“We have indications that we, government officials, are also victims of attacks,” the statement said.
Pegasus allows users to steal encrypted messages, photos, contacts, documents and other sensitive information from infected phones without users’ knowledge. It can also turn handsets into eavesdropping devices by silently activating their cameras and microphones, according to product manuals reviewed by Reuters.
NSO, which has long kept its client list confidential, declined to comment on whether El Salvador was a Pegasus customer. The company said in a statement that it sells its products only to “vetted and legitimate” intelligence and law enforcement agencies to fight crime and that it is not involved in surveillance operations. NSO said it has a “zero-tolerance” policy for misuse of its spyware for activities such as monitoring dissidents, activists and journalists and that it has terminated contracts of some customers who have done so.
Citizen Lab researchers said they began a forensic analysis of the El Salvador phones in September after being contacted by two journalists there who suspected their devices might be compromised.
Researchers said they ultimately found evidence that spyware had been planted on a total of 37 devices belonging to three human-rights groups, six news publications and an independent journalist.
Hardest hit was the online news site El Faro. Citizen Lab researchers said they found telltale tracks of spyware infections on the cell phones of 22 reporters, editors and administrative personnel — more than two-thirds of the company’s staff — and evidence that data had been stolen from many of those devices, including a few that had several gigabytes of material extracted.
El Faro was under constant surveillance during at least 17 months, between June 29, 2020 and November 23, 2021, with the phone of Editor-in-Chief Oscar Martinez infiltrated at least 42 times, Citizen Lab claimed.
“It is hard for me to think or conclude something other than the government of El Salvador” was behind the alleged hacks, Martinez said. “It’s evident that there is a radical interest in understanding what El Faro is doing.”
During the time of the purported infiltrations with Pegasus, El Faro reported extensively on scandals involving Bukele’s government, including allegations that he was negotiating a financial deal with El Salvador’s violent street gangs to reduce the homicide rate to boost popular support for the president’s New Ideas party.
Bukele, who spars frequently with the press, publicly condemned El Faro’s reporting on those purported talks as “ridiculous” and “false information” in a September 3, 2020 Twitter post.
Phone snooping isn’t new to El Salvador, according to Citizen Lab. It alleged in a 2020 report that El Salvador was among at least 25 countries using a bulk surveillance technology made by an Israeli company called Circles. The Circles technology differs from Pegasus in that it vacuums up data from the global phone network instead of planting spyware on specific devices. The report claimed the Circles system had been in operation in El Salvador since 2017.
Circles could not immediately be reached for comment.
Sofia Medina, Bukele’s communications secretary, noted that his administration was not in power in 2017 and claimed, without providing evidence, that the alleged Pegasus attacks appeared to be a continuation of surveillance launched by an unknown “powerful group.”
Citizen Lab’s latest investigation in El Salvador was conducted as a collaboration with digital-rights group Access Now, with investigative assistance from human-rights groups Frontline Defenders, SocialTIC and Fundacion Acceso.


Al Arabiya crew caught in a Daesh ambush in Al-Hasakah

Al Arabiya crew caught in a Daesh ambush in Al-Hasakah
Updated 27 January 2022

Al Arabiya crew caught in a Daesh ambush in Al-Hasakah

Al Arabiya crew caught in a Daesh ambush in Al-Hasakah
  • “We have been caught in crossfire, Al Arabiya crew has been caught in crossfire after Daesh fighters moved in the vicinity of the prison.”

LONDON: The dramatic moment when an Al Arabiya TV crew was caught in a Daesh ambush on Thursday in the northwestern Syrian city of Al-Hasakah was captured live on air.

The channel broadcast the video of Daesh fighters firing on the news team, Kurdish, and US forces with footage showing members of the film crew taking refuge behind a car.

The news presenter is heard saying, “we have been caught in crossfire, Al Arabiya crew has been caught in crossfire after Daesh fighters moved in the vicinity of the prison.”

The incident came after Kurdish forces, backed by US-led anti-Daesh coalition forces, recaptured Ghwayran prison in Al-Hasakah after six days of fighting sparked by a Daesh attempt to free jailed fighters.

Al Arabiya footage shows Kurdish forces engage in a fierce gun battle with Daesh fighters in Al-Hasakah. (Al Arabiya)

The jail held about 3,500 Daesh prisoners when the initial attack was launched on Jan. 20 using explosive-laden vehicles driven by suicide bombers.

The prison break bid and the fighting that ensued immediately after resulted in the death of more than 200 people, including 124 Daesh militants, 50 Kurdish fighters, and seven civilians. More casualties were expected to be found as Kurdish forces gained access to all parts of the jail.

The heavy fighting saw Daesh fighters seize control of a north wing in the prison, using child inmates as human shields. According to the Syrian Observatory for Human Rights, at least 850 children and minors were caught in crossfire when Kurdish forces stormed the jail.

Ghwayran prison is one of the largest facilities where the Kurdish administration holds Daesh detainees.


Bloomberg announces 2022 Gender-Equality Index, names WPP for 4th consecutive year

Bloomberg announces 2022 Gender-Equality Index, names WPP for 4th consecutive year
Updated 27 January 2022

Bloomberg announces 2022 Gender-Equality Index, names WPP for 4th consecutive year

Bloomberg announces 2022 Gender-Equality Index, names WPP for 4th consecutive year
  • GEI tracks the performance of public companies committed to advancing gender equality in the workplace

DUBAI: Multinational advertising and communication group WPP has been named in the 2022 Bloomberg Gender-Equality Index (GEI) for the fourth consecutive year.

WPP CEO Mark Read said that the company is a “people business” and its “client work directly benefits from having diversity in our teams.”

He added: “We’re proud of our recognition in the Bloomberg Gender-Equality Index, which reflects our continued investment in our people and culture, and our progress in driving greater gender balance throughout the company.”

Peter T. Grauer, chairman of Bloomberg, said: “We are proud to recognize WPP and the other 417 companies included in the 2022 GEI for their commitment to transparency and setting a new standard in gender-related data reporting.”

The Index tracks the performance of public companies committed to advancing gender equality in the workplace, and helps bring transparency to gender-related practices and policies at publicly-listed companies around the world, increasing the environmental, social, governance (ESG) data available to investors.

This year, Bloomberg lost a total of 418 companies representing a combined market capitalization of $16 trillion from across 45 territories.

A record number of companies disclosed their data for this year’s GEI by using the GEI Framework, marking a 20 percent increase year-over-year.

The GEI Framework scores companies across five pillars: Female leadership and talent pipeline, equal pay and gender pay parity, inclusive culture, anti-sexual harassment policies, and pro-women brand. Bloomberg also requests information from other expanded areas to support the broader goal of providing more robust ESG data to investors.

“Even though the threshold for inclusion in the GEI has risen, the member list continues to grow. This is a testament that more companies are working to improve upon their gender-related metrics, fostering more opportunity for diverse talent to succeed in their organizations,” said Grauer.


Iran state TV shows dissidents’ images after apparent hack

Iran state TV shows dissidents’ images after apparent hack
Updated 27 January 2022

Iran state TV shows dissidents’ images after apparent hack

Iran state TV shows dissidents’ images after apparent hack
  • The hack represented a major breach of Iranian state television
  • For several seconds, graphics flashed on screen showing the leaders of the Mujahedeen-e-Khalq

DUBAI: Channels of Iran’s state television broadcast images Thursday showing the leaders of an exiled dissident group and a graphic demanding the country’s supreme leader be killed, an incident that state TV later described as a hack.
For several seconds, graphics flashed on screen showing the leaders of the Mujahedeen-e-Khalq and the name of a social media account, which claimed to be a group of hackers who broadcast the message honoring the dissidents.
The MEK, now largely based in Albania, did not immediately answer telephone calls seeking comment.
The hack represented a major breach of Iranian state television, long believed to controlled and operated by members of the Islamic Republic’s intelligence branches, particularly its hard-line Revolutionary Guard. Such an incident hasn’t happened for years.
Iran’s state TV acknowledged the breach as a “hack,” saying the case was “under investigation.”
A clip of the incident seen by the AP showed the faces of MEK leaders Massoud Rajavi and his wife, Maryam Rajavi, suddenly superimposed on the channel’s regular 3 p.m. news programming. A man’s voice chants, “Salute to Rajavi, death to (supreme leader) Khamenei.”
Then, a speech from Rajavi briefly plays over the images. He can be heard saying, “Today, we still honor the time that we declared death to the reactionary. We stood by it ...”
Massoud Rajavi hasn’t been seen publicly in nearly two decades and is presumed to have died. Maryam Rajavi now runs the MEK.
The MEK began as a socialist organization against the rule of Shah Mohammad Reza Pahlavi. It claimed and was suspected in a series of attacks against US officials in Iran in the 1970s, something the group now denies.
It supported the 1979 Islamic Revolution, but soon had a falling out with Ayatollah Ruhollah Khomeini and turned against the clerical regime. It carried out a series of assassinations and bombings targeting the young Islamic Republic.
The MEK later fled into Iraq and backed dictator Saddam Hussein during his bloody eight-year war against Iran in the 1980s. That saw many oppose the group in Iran, though to this day it claims to operate a network inside of the country.


Advertising Business Group brings award-winning qualification programs to MENA region

Advertising Business Group brings award-winning qualification programs to MENA region
Updated 27 January 2022

Advertising Business Group brings award-winning qualification programs to MENA region

Advertising Business Group brings award-winning qualification programs to MENA region
  • Programs include the IPA’s Foundation Certificate and Excellence Diplomas in Brands and Business

DUBAI: The UAE-based Advertising Business Group has partnered with the UK-based Institute of Practitioners in Advertising to bring the latter’s training programs to the region.

The IPA’s professional development program has so far helped 30,870 delegates in 87 countries expand their understanding and skills related to advertising.

“As communication becomes increasingly globally interconnected, it is vital that learning and development is available to as many people as possible all over the world, so we can share expertise, language and experience to deliver better work for our clients and agencies,” said Louise Hinchliffe, the IPA’s associate director of professional development.

ABG members will get discounted access to a range of IPA qualifications, including the entry-level Foundation Certificate, and Excellence Diplomas in Brands and Business.

“Knowledge- and capability-building is a key pillar of the ABG, and we are committed to providing the MENA advertising and marketing industry with the latest resources and tools to create accountable and effective marketing,” said ABG chairman Sanjiv Kakkar, the executive vice-president of Unilever MENA, in a statement.

“This partnership will go a long way in helping strengthen talent, growing the industry and raising standards,” he added.

The two bodies are running an introductory workshop for ABG members on February 3, which will include a presentation from Sera Holland, author of “IPA Effectiveness Essentials” and co-chair of the IPA Excellence Diploma in Brands.


Spotify removing Neil Young’s music after his Joe Rogan ultimatum

Spotify removing Neil Young’s music after his Joe Rogan ultimatum
Updated 27 January 2022

Spotify removing Neil Young’s music after his Joe Rogan ultimatum

Spotify removing Neil Young’s music after his Joe Rogan ultimatum
  • ‘Spotify has become the home of life threatening COVID misinformation. Lies being sold for money’

Neil Young’s music is being removed from Spotify’s streaming service after the singer-songwriter objected to his songs playing on the same platform that offers Joe Rogan’s podcast, the company and the musician said on Wednesday.
Earlier this week, Young had released a letter addressed to his manager and record label, Warner Music Group , demanding that Spotify no longer carry his music because he said Rogan spreads misinformation about COVID-19 vaccines.
On Wednesday, the “Heart of Gold” and “Rocking In the Free World” singer thanked his record label for “standing with me in my decision to pull all my music from Spotify,” and he encouraged other musicians to do the same.
“Spotify has become the home of life threatening COVID misinformation,” he said on his website. “Lies being sold for money.”
The Swedish company said it worked to balance “both safety for listeners and freedom for creators” and had removed more than 20,000 podcast episodes related COVID-19 in accordance with its “detailed content policies.”
“We regret Neil’s decision to remove his music from Spotify, but hope to welcome him back soon,” Spotify said in a statement.
Rogan, 54, is the host of “The Joe Rogan Experience,” the top-rated podcast on Spotify, which holds exclusive rights to the program.
He has stirred controversy with his views on the pandemic, government mandates and vaccines to control the spread of the coronavirus.
Earlier this month, 270 scientists and medical professionals signed a letter urging Spotify to take action against Rogan, accusing him of spreading falsehoods on the podcast.
Young, 76, said Spotify accounted for 60 percent of the streaming of his music to listeners around the world. The removal is “a huge loss for my record company to absorb,” he said.