A leading Israeli cybersecurity company found that a series of cyberattacks against Egyptian journalists, academics, opposition politicians and rights activists was likely perpetrated by the Egyptian government.
The perpetrators, who were traced to government offices, installed programs on victims’ phones that allowed them to read their emails, track their movements and keep tabs on their contacts.
Check Point Software Technologies uncovered the link and would reveal the findings in a Thursday report, the New York Times reported.
The main server for the attackers had been registered by the Egyptian Ministry of Communications and Information Technology.
GPS coordinates in one of the applications used by the perpetrators matched Egypt’s General Intelligence Service, its central spy agency, the report said.
The effort started in 2016 and targeted at least 33 leading opposition figures. It used several methods to gain access to people’s devices. An app called Secure Mail tricked the targets into divulging their Gmail passwords; an app called iLoud200% was billed as increasing the volume of phones, but actually revealed the target’s location, even when location services were turned off; IndexY purported to identify incoming calls, but actually saved details of all calls made for the attackers.
IndexY was offered by the Google Play Store until July 15, when Check Point notified Google about it. Google took down the app and banned the developer who placed it there. Its successful placement in the store spoke to its sophistication, Check Point said.
Despite the apps’ complexity, the creators made several mistakes, the New York Times reported, including leaving an IP address and geolocation coordinates embedded in the software, which Check Point said revealed likely ties to the Egyptian government.
The incriminating information could have been part of a false flag operation, but was probably left in the software accidentally. The campaign’s scale, duration, and targets also seemed to point to a government actor, the report said.
At least two of the targets were arrested following anti-government protests last month.
Check Point’s investigation was sparked by a report by the Amnesty International rights group saying that Egyptian rights activists had been targeted in a phishing campaign.
Of the 33 targets, at least some were Egyptians living in the US, Canada and the UK.
The Times of Israel covers one of the most complicated, and contentious, parts of the world. Determined to keep readers fully informed and enable them to form and flesh out their own opinions, The Times of Israel has gradually established itself as the leading source of independent and fair-minded journalism on Israel, the region and the Jewish world.
We've achieved this by investing ever-greater resources in our journalism while keeping all of the content on our site free.
Unlike many other news sites, we have not put up a paywall. But we would like to invite readers who can afford to do so, and for whom The Times of Israel has become important, to help support our journalism by joining The Times of Israel Community. Join now and for as little as $6 a month you can both help ensure our ongoing investment in quality journalism, and enjoy special status and benefits as a Times of Israel Community member.