Morocco has been connected to multiple cases of surveillance abuse over the past decade, ranging from the targeting of human rights organizations with Hacking Team’s spyware to a string of more recent cases in which NSO Group’s Pegasus spyware was used to target civil society within Morocco … ]co, which seems to impersonate Hmizate, an e-commerce company from Morocco. La société a débuté financée par un groupe d'investisseurs menés par Eddy Shalev, un partenaire dans le fonds d'investissement Genesis Partners. Normally, the browser would be immediately redirected by Yahoo to its default TLS-secured site at It employed almost 500 people as of 2017, and is based in Herzliya, near Tel Aviv, Israel. Radi was targeted by a series of network injection attacks, which allowed attackers to intercept and manipulate targets’ internet traffic, Amnesty International said. NSO Group’s Pegasus tool is used for targeted attacks and by design, is not meant for mass surveillance. This report reveals that at least since 2017, state authorities have also been using NSO Group’s spyware as a tool to further shrink the space for carrying out human rights work by targeting HRDs. With the revelations detailed in this report, it has become increasingly obvious that NSO Group’s claims and its human rights policy are an attempt to whitewash rights violations caused by the use of its products. Dans un nouveau rapport publié le 22 juin, nous révélons que l’entreprise israélienne, NSO Group, qui commercialise sa technologie pour combattre la pandémie de COVID-19, a favorisé une intense campagne menée par le Maroc pour espionner le journaliste marocain Omar Radi. Amnesty International has uncovered targeted digital attacks against two prominent Moroccan Human Rights Defenders (HRDs) using NSO Group’s Pegasus spyware. Maati Monjib’s fears were proven to be true. NSO Group Technologies (NSO standing for Niv, Shalev and Omri, the names of the company's founders) is an Israeli technology firm whose spyware called Pegasus enables the remote surveillance of smartphones. 0 NSO Group, the Israeli company marketing its technology in the fight against COVID-19, contributed to a sustained campaign by the government of Morocco to spy on Moroccan journalist Omar Radi, a new investigation by Amnesty International reveals. These revelations are particularly significant in a context where Moroccan authorities are increasingly using repressive provisions from penal codes and security laws to criminalise and discredit human rights defenders and activists for exercising their rights to freedom of expression, association, and peaceful assembly. ]co, was previously identified by Citizen Lab in the report “Hide and Seek: Tracking NSO Group‘s Spyware to Operations in 45 Countries“ as associated to the threat actor they named “ATLAS“ and suspected by Citizen Lab to be of Moroccan origin.   |   This is not the first time that spyware manufactured by the NSO Group has been used against HRDs. Dans ce rapport, elle affirme toujours en employant le conditionnel que le téléphone de l’historien Maati Mounjib aurait fait … He says that he has been followed multiple times and that his clients have also been harassed. If you received similar SMS messages to those described in this report, you can share them with us by writing to the following email address: “As per our policy, we investigate reports of alleged misuse of our products. In October 2019, in response to our report that NSO Group’s tools were used to unlawfully target HRDs in Morocco, NSO Group told Amnesty International in a letter: “Our products are developed to help the intelligence and law enforcement community save lives. NSO Group, entreprise israélienne commercialisant sa technologie pour combattre la pandémie de COVID-19, a favorisé une intense campagne menée par le Maroc pour espionner le journaliste marocain Omar Radi, a révélé Amnesty International dans un nouveau rapport d’enquête rendu public lundi 22 juin. die NSO GmbH wurde in die feelgood-IT GmbH >> << umbenannt. You can’t behave freely. This may include suspending or immediately terminating a customer’s use of the product, as we have done in the past. You can use this tool to change your cookie settings. As laid out in the UN Guiding Principles on Business and Human Rights, the NSO Group and their primary investor, the UK-based private equity firm Novalpina Capital, should urgently take pro-active steps to ensure that they do not cause or contribute to human rights abuses within their global operations, and to respond to any human rights abuses when they do occur. 408 0 obj <> endobj Further, Moroccan authorities should disclose the details of any deals carried out with the NSO Group and should ensure that HRDs are protected from unlawful surveillance through adequate legal and policy safeguards that are in line with international standards, including by providing effective legal remedies for people to challenge violations of their human rights linked to surveillance. We asked NSO Group to respond to the revelations detailed in their report. Permissions These targeted digital attacks against two Moroccan HRDs are symptomatic of a larger pattern of reprisals against HRDs and dissident voices being carried out by Moroccan authorities. As he visited, his phone was being monitored and hijacked, and Safari was automatically directed to an exploitation server which then attempted to silently install spyware. In order to meet that responsibility, NSO Group must carry out adequate human rights due diligence and take steps to ensure that HRDs in Morocco do not continue to become targets of unlawful surveillance. Technology developed by Israeli cyber security company NSO Group was used by the Moroccan government to spy on journalist Omar Radi, a critic of Morocco's human rights record, Amnesty International said on Monday. In conclusion, because of the domain names and the characteristics of the links sent to Maati Monjib and Abdessadek El Bouchattaoui via SMS we can assume that, if clicked, they would have resulted in an attempted exploitation of their devices and the subsequent infection NSO Group’s Pegasus spyware, enabling the attackers to exercise complete monitoring of the victims’ communications and other data. Since he began his work on defending protestors in Hirak, Abdessadak El Bouchattaoui was also fairly certain that he was under surveillance by the state. ]biz/yTnWt1Ct, ALQODS RESTERA TOUJOURS LA CAPITALE DE LA PALESTINE SAUVEZ LA VILLE SAINTE EN SIGNANT CETTE PETITION hxxp://tinyurl[. Die Aufgaben und die Komplexität der heute digitalisierten Welt haben sich geändert und wir sind mitgewachsen, haben die Sprach- und Verständnisbarrieren zwischen Technikern und Nicht … While there are significant legal and contractual constraints concerning our ability to comment on whether a particular government agency has licensed our products, we are taking these allegations seriously and will investigate this matter in keeping with our policy. Annual report 2019: Eastern Europe and Central Asia, EU Counter-Terrorism Agenda takes a wrecking ball to rights, Human rights monitoring needed more than ever in Western Sahara, documented the targeting of an Amnesty staff member and a Saudi HRD using NSO Group‘s Pegasus, malicious websites previously connected to NSO Group, previously identified and disclosed by Amnesty International, Hide and Seek: Tracking NSO Group‘s Spyware to Operations in 45 Countries, Amnesty International Among Targets of NSO-powered Campaign, Israel: Amnesty International engages in legal action to stop NSO Group’s web of surveillance, Open letter to Novalpina Capital, CC: NSO Group, Francisco Partners, Second open letter to Novalpina Capital, CC: NSO Group, Francisco Partners. These were carried out through SMS messages carrying malicious links that, if clicked, would attempt to exploit the mobile device of the victim and install NSO Group’s Pegasus spyware. Refunds of donations. In addition to it being used to target an Amnesty staff member in 2018, NSO group’s software has also been used to attack HRDs from Saudi Arabia, Mexico and UAE. ]com/y73qr7mb, فضيحة أخلاقية داخل مقهى بورتز في حي أكدال بالرباط \r\nلمشاهدة الفيديو الذي يوثق الفضيحة hxxps://videosdownload[. Archives Un rapport documenté de Citizen Lab affirme que le Maroc, à travers ses instances sécuritaires, fait partie des Etats clients de Circles Systems, une filiale de la firme israélienne NSO Group qui commercialise des technologies de surveillance controversées. 431 0 obj <>/Filter/FlateDecode/ID[<00C540067418FF46B53C963391A56DB3>]/Index[408 39]/Info 407 0 R/Length 111/Prev 638556/Root 409 0 R/Size 447/Type/XRef/W[1 3 1]>>stream %%EOF One message carrying a link with this domain showed the same characteristics as typical Pegasus SMS messages. Otherwise, we'll assume you're OK to continue. Through this, an attacker with privileged access to a target’s network connection can monitor and opportunistically hijack traffic, such as web requests. Amnesty International can reveal that the two targets are Maati Monjib, an academic and activist working on issues of freedom of expression, and Abdessadak El Bouchattaoui, a human rights lawyer involved in the legal defence of protestors in a social justice movement in Hirak El-Rif that took place across 2016 and 2017. It was founded in 2010 by Niv Carmi, Omri Lavie, and Shalev Hulio. Amnesty International met Maati Monjib and checked his devices for traces of targeting. News NSO_Group Maroc. Read more about Morocco used Israeli malware to spy on journalists . Maureen Clare Murphy 17 April 2020. He is a part of the legal defence team for people imprisoned for participating in the social justice protests in the Hirak El-Rif across 2016 and 2017. Further analysis of the device led us to identify at least four similar injection attempts between March and July 2019. Omar Radi is the latest journalist to have his phone compromised by NSO Group. NSO Group Technologies est une entreprise israélienne de sécurité informatique fondée en 2010 par Niv Carmi, Omri Lavie, et Shalev Hulio [1].Elle est implantée à Herzelia en Israël et est constituée de deux cents employés. That’s why contracts with all of our customers enable the use of our products solely for the legitimate purposes of preventing and investigating crime and terrorism. The targeting of Radi came at a time when he was being repeatedly harassed by the Moroccan government between January 2019 and January 2020. Résumé. We believe this is what happened with Maati Monjib’s phone. In June 2018 Amnesty International documented the targeting of an Amnesty staff member and a Saudi HRD using NSO Group‘s Pegasus. According to our research, these targeted attacks have been ongoing since at least 2017. This allows them to change the behaviour of a targeted device and, such as in this case, to re-route it to malicious downloads or exploit pages without requiring any extra interaction from the victim. If you are talented and passionate about human rights then Amnesty International wants to hear from you. ]co/nBBJBIP, فاجعة الصويرة تسقط أول المسؤولين أمام القضاء hxxps://infospress[. Il est dit que les fondateurs sont des anciens membres de l'unité 8200, l'unité de renseignement israélienne responsable du Renseignement d'origine électromagnétique4. The links contained in such messages closely resemble the URLs involved in the network injection attacks: Both links are composed of rather generic domain names, followed by a 7-9 random alphanumeric string. This means that only select individuals would have been targeted. 0522647000 STOPSMS: hxxps://stopsms[. Espionnage: le Royaume du Maroc serait un client de Circles, filiale de l’Israélien NSO Group Aux côté de 24 pays au monde, le Maroc a été cité comme client potentiel pour les produits de l’entreprise Circles, filiale de le la société israélienne NSO, dans une nouvelle enquête du … Currently, we do not have sufficient information to conclusively attribute these suspected network injection attacks to NSO Group’s products or services. ]biz/TY8us0h, TruecaIIer à le plaisir de vous annoncer l'ajout d'une nouvelle fonctionnalité, consulter les noms des personnes qui ont cherché votre numéro durant une semaine hxxp://tinyurl[. Une fois ce postulat vide établi, il est devenu déterminant pour Amnesty de relier «NSO Group» au Maroc, malgré l’aveu préliminaire de cette ONG, sur le fait «qu’elle ne dispose d’aucune preuve sur l’achat, par Rabat, de cette technologie». This database not only keeps individual records of particular links being visited, but it also records the origin and destination of each visit. ]” instead of dots or “hxxp” instead of “http”, in order to avoid accidental clicks or copy & paste.). NSO Group spyware used against Moroccan journalist after company pledged to respect human rights; Inc. Co. comments. These suspicions are now definitively confirmed. June 22, 2020 By Pierluigi Paganini Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. ]biz and infospress[. NSO Group publicly committed to abide by the UN Guiding Principles on Business and Human Rights on 10 September. Der Name NSO GmbH (Netzwerk Systemadministration und Onlineservices) hat uns über 16 Jahre treu begleitet. In the absence of adequate transparency on investigations of misuse by NSO Group and due diligence mechanisms, Amnesty International has long found these claims spurious. Mexico, Morocco, and Thailand were also singled out for torture, murders, disappearances and other abuses by government agencies and security forces. h�bbd```b``^"W�Is��D2U�e���`R,�����d���o���`vX�j9g ��� �� WAl�P�� H�/�������g`����1�3@� DiZ The trial in this case is ongoing. This charge was leveled simply for promoting a mobile application for citizen journalism that protected users’ privacy. Le Maroc et 44 autres pays sont les clients de NSO qui a créé Pegasus, un logiciel utilisé pour pirater des comptes WhatsApp. L’Organisation en octobre 2019 avait publié un premier rapport intitulé : « Maroc, des défenseurs des droits humains ciblés par un logiciel espion de NSO Group ». Amnesty International said Sunday its security team found evidence of abuse on a Moroccan journalist’s cell phone that can be tied back to spyware developed by NSO Group. According to our research, these targeted attacks have been ongoing since at least 2017. This visit was followed by a redirect to the same domain, but provided with additional arguments: hxxps://bun54l2b67.get1tn0w.free247downloads[.]com:30495/szev4hz#048634787343287485982474853012724998054718494423286. This type of redirection would only be possible when the request is in clear text, and not protected with Transport Layer Security (or TLS, which is essentially the https:// you sometimes see in links), as was the case with The NSO Group says that it licenses products “only to government intelligence and law enforcement agencies” to investigate serious crime. Amnesty International has discovered that since at least October 2017, HRDs from Morocco have been targeted with the infamous “Pegasus“ spyware produced by the Israeli company ‘NSO Group’. Previously, he had protested restrictions on his movements by going on a hunger strike. Le siège social de NSO Group en Israël. Another domain we found in SMS messages sent to Moroccan HRDs, revolution-news[. To monitor a target, a government operator of Pegasus must convince the target to click on a specially crafted exploit link, which, when clicked, delivers a chain of zero-day exploits to penetrate security features on the phone and installs Pegasus without the user’s knowledge or permission. Israel-based “Cyber Warfare” vendor NSO Group produces and sells a mobile phone spyware suite called Pegasus. Such a network vantage point could be any network hop as close as possible to the targeted device. The NSO Group claims that the technology is only used for lawful purposes, such as against terrorists and criminals and that if states misuse its tools, its human rights due diligence mechanisms are sufficient to investigate and remedy that misuse. Additionally, we identified a new previously unknown domain: hmizat[. They can be found in Settings > Privacy > Analytics > Analytics Data. NSO Group, entreprise israélienne commercialisant sa technologie pour combattre la pandémie de COVID-19, a favorisé une intense campagne menée par le Maroc pour espionner le journaliste marocain Omar Radi, a révélé Amnesty International dans un nouveau rapport d’enquête rendu public lundi 22 juin.On ne peut manifestement pas faire confiance à NSO Group. This affected his sense of psychological well-being and made it difficult for him to carry out his work. Tamara Nassar 23 June 2020. During the course of his trial he received death threats and his family was intimidated over the phone. The targeting of Maati Monjib and Abdessadak El Bouchattaoui, simply for carrying out human rights work, is unlawful according to principles laid out in international human rights law. (Note: with each attempt, the redirected URL would change slightly with different subdomains, port number, and URI.). We believe this is a symptom of a network injection attack generally called “man-in-the-middle” attack. Pour ne plus recevois nos SMS : hxxp://stopsms[. Oct 10, 2019 | CYBERSCOOP Hackers potentially working on behalf of a foreign government have targeted Moroccan human rights advocates with malicious software built by NSO Group, a controversial spyware vendor, according to Amnesty International. Once the phone is exploited and Pegasus is installed, it begins contacting the operator’s command and contr… ]com/LQoHgMCEE, Bonjour,Quelqu'un vous a recherché sur Truecaller.Découvrez de qui il s'agit. He is an important voice on issues of freedom of expression in Morocco. We found that he was repeatedly targeted with malicious SMS messages that carried links to websites connected to NSO Group’s Pegasus spyware. Citizen Lab survey lists Morocco as customer of Circles, a subsidiary of Israel’s NSO Group. Surveillance in Morocco is carried out in an open and brazen way… Surveillance is a type of punishment. Son ancien président du bureau dirigeant était le général en retraite Avigdor Ben-Gal, ancien responsable d'Israel Aircraft Industries dans les années 19901. In addition to SMS messages, we identified what appear to be network injection attacks against a HRD’s mobile network also aimed at installing spyware. If an investigation identifies actual or potential adverse impacts on human rights we are proactive and quick to take the appropriate action to address them. Since 2015, Maati Monjib believed that he has been under digital surveillance by Moroccan authorities. Whenever an application crashes, iPhones store a log file keeping traces of what precisely caused the crash. These messages, described as “Enhanced Social Engineering Message(s)“ (ESEM) in leaked NSO Group‘s documentation, attempt to lure victims to click on the contained link, which would then trigger an attempt of exploitation of the phone and the consequent silent installation of the Pegasus spyware on the device. Soyez au Rendez-vous sur notre site :hxxp://tinyurl[. Indian journalists reported among targets of alleged NSO Group WhatsApp hack October 31, 2019 2:29 PM EDT New York, October 31, 2019—The Committee to Protect Journalists is alarmed by news reports that several journalists in India have been notified that they were among the targets of suspicious WhatsApp contact that may have been used to install advanced surveillance technology on their phones. Espionnage : Le Maroc serait client de Circles, filiale de l'Israélien NSO Group. Amnesty International is calling on the Moroccan authorities to drop the charges against Monjib and his co-defendants. (For a full list of all identified SMS messages, see Appendix-II. Espionnage: le Royaume du Maroc serait un client de Circles, filiale de l’Israélien NSO Group Aux côté de 24 pays au monde, le Maroc a été cité comme client potentiel pour les produits de l’entreprise Circles, filiale de le la société israélienne NSO, dans une nouvelle … In this case, because the targeted device is an iPhone, connecting through a mobile line only, a potential vantage point could be a rogue cellular tower placed in the proximity of the target, or other core network infrastructure the mobile operator might have been requested to reconfigure to enable this type of attack. Additional evidence found on the phone reinforces this suspicion. We believe at least one injection attack was successful and resulted in the compromise of Maati Monjib’s iPhone. The browser first attempted an unencrypted connection to Our analysis of Maati Monjib’s phone showed that, on one occasion, all these crash files were wiped a few seconds after one of these Safari redirections happened. endstream endobj 409 0 obj <. These crash logs are stored on the phone indefinitely, at least until the phone is synced with iTunes. ]com/y9hbdqm5 \nvous pouvez consulter nos offres du moment, Vous l'avez demandé,CityClub l'a fait!Grand retour du BLACKFRIDAY vendredi 24/11!\r\nRéservez votre carte promo 15 mois à 1633dh! In February 2017, a court in Al Hoceima sentenced him to 20 months in prison and a fine for online posts in which he criticized the use of excessive force by the authorities during the protests. The journalist, Omar Radi, was targeted by surveillance software capable of tracking texts, calls, emails, camera, and more — just days after NSO Group, the Israeli surveillance software company, … Abdessadak El Bouchattaoui had also long suspected that his digital communications were being monitored. NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. ��P�G,S���1�`����x�q�9���LJL�a����V��u�`������{�'������4#� m��9q�ff`�愇�#�^u�*FS� � l� Le groupe y a investi 1,8 million de dolla… Privacy Policy