Journalists in Africa being targeted by Pegasus spyware, CPJ warns, recommends steps to take

Today News Africa
Today News Africa
TODAY NEWS AFRICA L.L.C. is Africa's leading newspaper in the United States. Our media house is registered and headquartered in Washington, District of Columbia. Our Twitter handle is @todaynewsafrica and our email is contactus@todaynewsafrica.com

Must Read

National Arts Theatre: Consortia want CBN to stop action on purported takeover

Two Nigerian companies, Topwide Apeas and Jadeas Trust, have called on the Infrastructure Concession Regulatory Commission,...

Opportunity for crypto in Africa is enormous and will impact everyone – Luno CEO Marcus Swanepoel

Luno CEO Marcus Swanepoel, speaking at AfricaCom 2019, has outlined how the implementation and use of...

Zedcap Partners adjudged best brokerage service firm at 2019 FMDQ gold awards

Zedcap Partners Limited (ZPL), the Securities Brokerage arm of Zedcrest Capital Limited has been adjudged the...

Thousands arrive in Addis Ababa to lift Africa’s industrial sector

Thousands of people have arrived in Addis Ababa, the Ethiopian capital, for the 2019 Africa Industrialization...

How to rank high on Google – Simon Ateba

Our website, todaynewsafrica.com, had great original content from across Africa, but we were still not ranking...

President Buhari congratulates Bayelsa governor-elect on bloody election victory

In a statement, the presidency in Nigeria said: "President Muhammadu Buhari congratulates most warmly, the All...

Nigerians sweep Jack Ma Foundation’s $1 million awards to 10 African entrepreneurs

Nigerian Temie Giwa-Tubosun, founder and CEO of LifeBank company, on Saturday night won the first prize...

I’m a patriot – Nigeria Senate President Ahmad Lawan

The President of the Nigerian Senate, Ahmad Lawan, has said the ninth National Assembly has consciously...

The Committee to Protect Journalists, CPJ, on Wednesday, issued a safety advisory for journalists around the world, including those in Africa, saying that Pegasus spyware, which compromises mobile devices, is being used to target journalists.

“Pegasus is a spyware created for mobile devices which transforms a cellphone into a mobile surveillance station,” CPJ wrote.

Read the full advisory below.

Pegasus is a spyware created for mobile devices which transforms a cellphone into a mobile surveillance station. Researchers have documented it being used to spy on journalists. This raises significant implications for journalists’ own security and that of their sources.

In 2018, Citizen Lab said it had detected Pegasus in over 45 countries. Pegasus could have been deployed against journalists and civil society actors in Mexico, Saudi Arabia, Bahrain, Morocco, Togo, Israel, the U.S., and the United Arab Emirates, the report found.

In May 2019, a vulnerability was identified in the messaging app WhatsApp that, before it was patched, infected some of its users’ phones with spyware, including over 100 human rights defenders and journalists in at least 20 countries, according to Citizen Lab. WhatsApp, which is owned by Facebook, later identified that spyware as Pegasus or a variant produced by the Israel-based NSO Group, which markets tools for investigating crime and terrorism to government agencies. (NSO Group has repeatedly told CPJ that it will not comment on individual cases, but investigates reports that its products were misused in breach of contract.)

The spyware gives the attacker the ability to monitor, record, and collect existing and future data from the phone. This includes calls and information from messaging applications and real-time location data. The spyware is able to remotely activate the camera and microphone to surveil the target and their surroundings.

Pegasus is designed to be installed on phones running Android, BlackBerry OS, and iOS without alerting the target to its presence. Journalists will likely only know if their phone has been infected if the device is inspected by a tech expert.

If you have reason to believe you have been targeted and have spyware on your device:

  • Stop using the device immediately.
  • Put the device somewhere that does not compromise you or your surroundings.
  • Log out of all accounts and unlink them from the device.
  • From a different device, change all your account passwords.
  • Seek expert digital security advice. If you are a freelance journalist or do not have access to tech support, contact the Access Now Helpline.

Pegasus can be installed in a number of ways. Journalists should keep up to date on these methods and take appropriate steps to protect themselves and their sources.

Zero-day attacks

Zero-day attacks exploit vulnerable software, not people. They require no interaction from the user.

Reports from the WhatsApp hack stated that the attack took the form of calls from unknown numbers to users which resulted in the app crashing. The numbers disappeared from the call log, leaving no record of a missed call or who had made it.

Protecting yourself against a zero-day attack is difficult. Journalists who may be targeted by a sophisticated adversary such as a government should consider changing cheap, burner phones every few months as a precaution. If possible, contact a digital security expert for one-to-one support.

Spear-phishing attacks

Attackers create tailor-made messages that are sent to a specific journalist. These messages convey a sense of urgency and contain a link or a document which the journalist is encouraged to click on. The messages come in a variety of forms, including SMS, email, through messaging apps such as WhatsApp or via messages on social media platforms. Once the journalist has clicked on the link, then the spyware is installed on their phone.

Research by Citizen Lab and Amnesty International found that messages tend to take the following forms:

  • Messages purporting to be from a known organization such as an embassy or a local news organization.
  • Messages that warn the target may be facing an immediate security threat.
  • Messages that raise any work-related issue, such as covering an event that the target usually reports on.
  • Messages that make appeals on personal matters, such as those relating to compromising photos of partners.
  • Financial messages that reference purchases, credit cards, or banking details.

The suspect messages may also arrive from unknown numbers.

Attackers can target personal and work phones. To better protect themselves and their sources, journalists should:

  • Verify the link with the sender through a different channel of communication. This should preferably be through video or voice.
  • If the sender is not previously known to you, secondary channels may not provide successful verification of the links, as secondary channels may be set up by the adversary as part of an elaborate cover identity.
  • If the link utilizes a URL shortener service like TinyURL or Bitly, input the link into a URL expander service such as Link Expander or URLEX. If the expanded link looks suspicious, for instance mimicking a local news website but not being quite the same, do not click on the link.
  • If you feel you need to open the link, do not use your primary device. Open the link on a separate, secondary device that does not have any sensitive information or contact details, and is used solely for viewing links. Carry out a factory reset on the device regularly (keeping in mind that this might not remove the spyware). Keep the secondary device turned off, with the battery removed, when not in use.
  • Use a non-default browser for the phone. Pegasus is believed to target default browsers. The default browser for Android is Chrome and the default browser for iOS is Safari. Use an alternative browser such as Firefox Focus and open the link in that. However, there is no guarantee that Pegasus will not, or has not, already targeted other browsers.

Physical installation by an adversary

Pegasus can also be installed on your phone if an adversary gains physical access to the device. To reduce risk:

  • Do not leave your device unattended and avoid handing over your phone to others.
  • When crossing a border or checkpoint ensure that you can see your phone at all times Turn off the phone before arriving at the checkpoint, and have a complex passphrase consisting of both letters and numbers. Be aware that if your phone is taken then the device may be compromised.

For more information to protect yourself and your sources, consult CPJ’s Digital Safety Kit.

With thanks to Citizen Lab for valuable insight.


Please enter your comment!
Please enter your name here

Read also

Nigerian Wendy Okolo, one of the few black women to obtain PhD in Aerospace engineering who works at NASA, wins big award in U.S.

Nigerian-born Dr. Wendy Okolo is 2019 most promising engineer in the United States government.

Op-ed – Simon Ateba: The price of speaking truth to power

I was wondering why we do not get a lot of adverts on TODAY NEWS AFRICA USA despite thousands and thousands of readers...

President Buhari congratulates Bayelsa governor-elect on bloody election victory

In a statement, the presidency in Nigeria said: "President Muhammadu Buhari congratulates most warmly, the All Progressives Congress (APC) governorship candidate...

Buhari’s security forces planning to “kill” New York-based Nigerian journalist and publisher Omoyele Sowore – Report

Under the orders of President Muhammadu Buhari, a radical former military dictator turned democrat, Nigerian security forces are planning to kill...

More Articles Like This

Follow us on social media!

Pin It on Pinterest

Share This

Share this post with your friends!