Oct 10, 2023 12:10:00

``Predator Files'' is a report on attacks that used politicians, academics, journalists, etc. around the world to spread spyware.

Amnesty International, the world's largest international human rights NGO, announced on October 9, 2023, ``Shocking spyware attacks are being attempted against ordinary citizens, politicians, academics, and journalists in the EU, the United States, and Asia.'' announced the results of a survey. Amnesty International calls for a global ban on spyware, calling the series of extremely serious attacks the 'Predator Files'.

The Predator Files: Caught in the Net - Amnesty International
https://www.amnesty.org/en/documents/act10/7245/2023/en/

Global: 'Predator Files' spyware scandal reveals brazen targeting of civil society, politicians and officials - Amnesty International
https://www.amnesty.org/en/latest/news/2023/10/global-predator-files-spyware-scandal-reveals-brazen-targeting-of-civil-society-politicians-and-officials/

Independently Confirming Amnesty Security Lab's finding of Predator targeting of US & other elected officials on Twitter/X - The Citizen Lab
https://citizenlab.ca/2023/10/predator-spyware-targets-us-eu-lawmakers-journalists/

'Predator Files' report prompts call for worldwide ban on spyware | SC Media
https://www.scmagazine.com/news/predator-files-report-prompts-call-for-worldwide-ban-on-spyware

The Predator Files Project , which concerns the spyware Predator sold by a software company called Intellexa Alliance, is based on a year-long, confidential, document-based investigation conducted by 15 media outlets and Europol , and compiled by Amnesty International. This is a project analyzed by the International Security Lab. New research conducted as part of the project shows that between February and June 2023, at least 50 accounts belonging to 27 individuals and 23 institutions were hacked with spyware using X (formerly Twitter) and Facebook. It became clear that he had been targeted.

Predator is highly intrusive and can freely access all data on the compromised device including microphone, camera, contacts, messages, photos, videos, etc. And it is highly likely that users will not notice the intrusion at all.

According to the Security Lab's report, people targeted by the spyware, although not necessarily infected, include a US Republican congressman, a Democratic senator, European Parliament President John Hoeven, and Taiwanese President Tsai Ing-wen, German Ambassador to the United States, and others are mentioned.

Agnes Callamard, executive director of Amnesty International, said: ``Companies and developers developing and selling spyware must do nothing to restrict who can use this spyware and for what purposes.'' Instead, they are lining their own pockets and ignoring the serious human rights implications at stake.The latest findings have prompted countries to deploy highly invasive spyware around the world. Immediate banning should be the only surefire response.'

Independent research by

Citizen Lab , based at Canada's Munk School of International Studies at the University of Toronto, reveals that infected links from Predator are spread in response to social media posts by officials, journalists, academics, and others. . Citizen Lab created a list called ``REPLYSPY'' that independently collected a series of replies that have since been deleted, and was investigating the method and impact of the damage. As a result, Citizen Lab's findings are consistent with Security Lab's conclusions, indicating the existence of attacks targeting people working for authorities in the United States and the international community.

Citizen Lab shows a post by Albanian politician Etilda Jonaj as an example of the REPLYSPY list. In the image below, Mr. Jonaj posted a quote from the American ambassador to Albania, but in response to that post, a headline from the South China Morning Post , an English-language newspaper published in Hong Kong, was posted. I am. However, this link is not a link to the South China Morning Post (scmp.com), but a fake link called 'Southchinapost.net', and clicking this link may infect Predator. Citizen Lab points out.

Amnesty International has also confirmed the account ``@Joseph_Gordon16'', which pastes malicious links in replies, and security laboratory director Doncha O Carebail said, ``An example of @Joseph_Gordon16 pasting a malicious link to Predator. We have identified dozens of cases, often masquerading as innocent news outlets. Our investigation reveals that @Joseph_Gordon16 has close ties to Vietnam and may have been acting on behalf of Vietnamese authorities or interest groups. It turned out that there was,” he said. Amnesty International asked Vietnam's Ministry of Public Security for comment, but received no response.

' Spyware using platforms like It has amplified its reach and impact: for companies, it has become an economic espionage operation that can lead to intellectual property theft and theft of sensitive information such as financial records and strategic plans, and for politics, it has become a threat to policy decisions and dissent. 'There is a possibility that public opinion may be manipulated by suppressing the threat,' he said, talking about the threat posed by Predator and the extent of its damage.