The Vietnamese government allegedly attempted to install spyware on the phones of members of Congress, American policy experts, and journalists earlier this year. This bold campaign highlights the increasing prevalence of state-of-the-art hacking tools. The links posted on Twitter and uncovered documents reveal that the targeted individuals included influential foreign policy figures on Capitol Hill, such as Rep. Michael McCaul (R-Tex.) and Sen. Chris Murphy (D-Conn.), as well as Asia experts at think tanks and CNN journalists. The timing of these attempts coincided with negotiations between Vietnamese and American diplomats regarding a cooperation agreement to counter Chinese influence in the region.
While it’s unclear whether the State Department raised the issue with the Vietnamese government, the agreement was signed by President Biden in September. Predator, a powerful and difficult to detect surveillance program similar to Pegasus, was used by the spies to try and lure the targets into visiting websites that would install the hacking software. Predator can access microphones and cameras on Apple iPhones and Google Android devices, retrieve files, and read encrypted messages.
The network distributing Predator includes companies like Intellexa and Cytrox, which were added to the U.S. Commerce Department’s “Entity List” in July, requiring a license for U.S. businesses to work with them. The recent hacking attempts followed extensive communication and technology shipments between Vietnamese agencies and the creators of the spyware, as revealed by documents shared with various news outlets. Vietnam has a history of involvement in hacking campaigns and has previously used commercial spyware programs.
The Biden administration is deeply concerned about the hacking of members of Congress and intends to address this issue. The fact that the hackers used Twitter for their campaign is surprising since most spyware vendors and buyers tend to operate covertly to avoid detection and reuse techniques. The malicious Twitter account responsible for this campaign deleted its tweets within days, likely to avoid being discovered.
The companies selling Predator also offer the capability to infect devices through WiFi networks, websites, or telecom networks under national control. Bills are being considered in Congress and other countries to regulate the spyware industry more effectively due to rampant misuse of these tools in Mexico, Greece, Saudi Arabia, and elsewhere.
While Predator and Pegasus can be delivered through links that require the target to click, they can also be deployed without any interaction by exploiting security vulnerabilities. Citizen Lab discovered several replies on Twitter that could have led to infections and found that the links connected to pages that had previously installed Predator. Apple’s Lockdown Mode has effectively blocked some methods of delivering Predator to targets, but the future remains uncertain.
Members of Congress, including McCaul and Murphy, were among the targets, but it’s unclear whether any of them were infected. Leslie Shedd, a spokesperson for McCaul, stated that neither the congressman nor his staff would have seen the targeting tweet, as they do not manage his social media accounts. An aide to Murphy confirmed that… (content truncated)
Denial of responsibility! Vigour Times is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
