Israeli firm traces cyberattacks on Egyptian activists to Cairo government

Check Point Software Technologies says major hacking campaign targeting opposition figures, journalists and academics run out of Egyptian spy shop

Anti-government protesters chant slogans against the regime in Cairo, Egypt, September 21, 2019. (AP Photo/Nariman El-Mofty)
Anti-government protesters chant slogans against the regime in Cairo, Egypt, September 21, 2019. (AP Photo/Nariman El-Mofty)

A leading Israeli cybersecurity company found that a series of cyberattacks against Egyptian journalists, academics, opposition politicians and rights activists was likely perpetrated by the Egyptian government.

The perpetrators, who were traced to government offices, installed programs on victims’ phones that allowed them to read their emails, track their movements and keep tabs on their contacts.

Check Point Software Technologies uncovered the link and would reveal the findings in a Thursday report, the New York Times reported.

The main server for the attackers had been registered by the Egyptian Ministry of Communications and Information Technology.

GPS coordinates in one of the applications used by the perpetrators matched Egypt’s General Intelligence Service, its central spy agency, the report said.

The effort started in 2016 and targeted at least 33 leading opposition figures. It used several methods to gain access to people’s devices. An app called Secure Mail tricked the targets into divulging their Gmail passwords; an app called iLoud200% was billed as increasing the volume of phones, but actually revealed the target’s location, even when location services were turned off; IndexY purported to identify incoming calls, but actually saved details of all calls made for the attackers.

Check Point CEO Gil Shwed speaks at the Cybertech Israel Conference and Exhibition, in Tel Aviv on January 31, 2017. (Miriam Alster/Flash90)

IndexY was offered by the Google Play Store until July 15, when Check Point notified Google about it. Google took down the app and banned the developer who placed it there. Its successful placement in the store spoke to its sophistication, Check Point said.

Despite the apps’ complexity, the creators made several mistakes, the New York Times reported, including leaving an IP address and geolocation coordinates embedded in the software, which Check Point said revealed likely ties to the Egyptian government.

The incriminating information could have been part of a false flag operation, but was probably left in the software accidentally. The campaign’s scale, duration, and targets also seemed to point to a government actor, the report said.

At least two of the targets were arrested following anti-government protests last month.

Check Point’s investigation was sparked by a report by the Amnesty International rights group saying that Egyptian rights activists had been targeted in a phishing campaign.

Of the 33 targets, at least some were Egyptians living in the US, Canada and the UK.

read more:
Never miss breaking news on Israel
Get notifications to stay updated
You're subscribed
Register for free
and continue reading
Registering also lets you comment on articles and helps us improve your experience. It takes just a few seconds.
Already registered? Enter your email to sign in.
Please use the following structure: [email protected]
Or Continue with
By registering you agree to the terms and conditions. Once registered, you’ll receive our Daily Edition email for free.
Register to continue
Or Continue with
Log in to continue
Sign in or Register
Or Continue with
check your email
Check your email
We sent an email to you at .
It has a link that will sign you in.