While it’s largely unclear who may be responsible for any given instance of smartphone surveillance or the goal behind such an attack, much more is known about the larger landscape.
DigitalBank Vault provides sophisticated Digital Anti Surveillance technologies: military-grade encryption devices for ultra-secure anonymous communication (voice calls & text messaging) with untraceable file transfers & storage solutions.
Visit us at https://www.digitalbank.capital/
Smartphone surveillance has its own unique economy with a diverse mix of participants and motivations.
The most successful companies of our time are those who’ve mastered user data – collecting it, analyzing it and profiting from it – typically at the expense of user privacy.
Players range from malicious actors to trusted governmental agencies, and many exist within the gray area in the middle.
Intelligence agencies
Intelligence agencies have long been at the forefront of surveillance, for both domestic and foreign targets. It’s safe to assume that all intelligence agencies – and the threat actors working on their behalf – are dedicated to hacking mobile devices.
Some foreign intelligence services have even disrupted smartphone supply chains, building in control of devices before they reach end-users.
Tellingly, the Pentagon has banned the use of smartphones within spaces containing classified information, with the exception of government-issued devices that have had the cameras and microphones disabled through painstaking hardware modifications.
Likely targets for surveillance include:
• Military groups (for battle strategies,
troop movements, etc.)
• Other intelligence agencies (for classified
information, sources, etc.)
• High-level individuals (for private affairs,
criminal activity, etc.)
• Enterprises (for trade secrets, financial
information, etc.)
Cyber-arms dealers
The cyber-arms market includes defense contractors, cyber-mercenaries and enterprising hackers. Individual tools for smartphone surveillance are custom-built for a client, developed as a ready-made solution or created to sell on the dark web.
Some exploits may take advantage of unpublished zero-days and other unpatched vulnerabilities. The clientele of these cyber-arms is typically undisclosed, but include reputable governmental actors like intelligence agencies, law enforcement and prosecutors, as well as nefarious actors like hostile nation-states and threat groups.
Cybercriminals
Cybercriminals may be motivated by a variety of reasons, including economic, political, social or personal. In addition to developing their own malware capabilities, hackers often use existing malware families and exploits – open-source, proprietary, or commercial – to carry out their goals.
Tools – including those stolen or leaked from cyber-arms dealers – are widely shared underground.
Technology companies
Though not actively surveilling users, digital assistants and certain apps function through the elevated camera and/or microphone permissions.
Virtual assistants like Siri and Google Assistant, for example, are designed to always listen, waiting for wake words that prompt them into action. While such services are still unexplored territory for hackers, it’s conceivable that malware can piggyback on these services to intercept conversations and other audio.
Though NSO is perhaps the most infamous mobile spyware maker—a recent lawsuit alleges that its Pegasus technology was used to help track murdered Saudi dissident Jamal Khashoggi—it is only one of many shadowy firms offering smartphone malware that, while officially designed to target criminals and terrorists, can be used to target activists, lawyers, and other members of civil society.
Dozens upon dozens of spyware firms offer a range of smartphone surveillance, from video and audio recording to location and text monitoring, including regimes with dubious human rights records. This technology, for instance, has been used by mysterious elements in countries like Bahrain and Ethiopia, who used Milan-based Hacking Team’s Remote Control System and the U.K.-based Gamma Group’s FinFisher spyware, respectively, to target dissidents both at home and abroad.
Ability, a Tel Aviv-based spyware firm, sells something called the Unlimited Interception System (ULIN), which, along with a tactical cellular interception system called IBIS (In-Between Interception System) allows Ability to intercept GSM, UMTS, LTE, AND CDMA networks to spy on a target’s smartphone. Mexico spent $42 million on ULIN and other tools in 2016, but Ability has also had customers in China, Singapore, Myanmar, the Czech Republic, Germany, and other countries. The company website states its customers include security and intelligence agencies, military forces, law enforcement, and homeland security agencies in over 50 countries.
Verint, which has offices in Melville, New York, and Herzliya, Israel, came close to purchasing NSO Group in 2018 for $1 billion before talks fell apart. The company is best known for its security cameras and systems that allow corporations to monitor work places, but it also sells sophisticated mass communication surveillance tools, including smartphone tracking software to government and enterprise customers. Verint’s SkyLock technology, for instance, can track the location of smartphone users by hacking the SS7 protocol, as evidenced in a confidential brochure obtained by 60 Minutes in 2016.
Like a number of known spyware companies, Verint has sold smartphone snooping systems to governments with highly questionable human rights records, such as the United Arab Emirates (UAE), South Sudan, and Mexico. An anonymous former Verint employee , told Haaretz last year that Verint’s phone monitoring technology was used to target gay and transgender people in Azerbaijan.
To compete with the likes of NSO Group and Verint Systems, a number of surveillance startups recently formed a consortium. Known as Intellexa, this alliance aims to become “a one-stop shop for all of our customers’ field intelligence collection needs”—the need, of course, being smart device monitoring, among other electronic devices.
The Intellexa alliance is comprised of cyberintelligence firms Nexa Technologies (formerly Amesys), WiSpear, and Cytrox. Nexa’s “Lawful Intercept” solution allows the operator to spy on voice and data across 2G, 3G, and 4G) networks. The company, which is headquartered in Paris with offices in Dubai and the Czech Republic, also offers an internet interception product that allows users to carry out IP probes to analyze high data rate networks, or use what its website says are Wi-Fi sensors designed to detect a target several miles away.
Nexa didn’t respond to email requests for comment on its system capabilities. However, John Scott-Railton, a Senior Research at Citizen Lab, says the company’s Wi-Fi sensors are likely radio direction finding technology combined with standard Wi-Fi interception attacks.
Intellexa partner WiSpear is a more recent entry into the offensive cyber weapons market. Launched in Israel in 2017 but based in Cyprus, WiSpear sells a specially-outfitted van called SpearHead, which is equipped with 24 antennas that can force a target’s phone or computer to connect to its Wi-Fi-based interceptor at a distance of up to 1,640 feet. After conducting a “man-in-the-middle” attack, SpearHead can download four different kinds of malware onto iOS and Android.
WiSpear’s founder, Tal Dilian, a veteran of the Israeli Defense Forces, is also the founder of Circles, a cyberweapons company based in Cyprus and Bulgaria that merged with NSO Group when both companies were under the ownership of Francisco Partners. The other public Intellexa parter, Cytrox, is a European firm that develops exploits that can target and break into a user’s smart devices. The company, which is currently in stealth mode according to its website, was acquired by WiSpear in 2018. Dilian told the publication that in addition to the three firms, there are five other non-public partners in Intellexa.
“Field intelligence teams must be prepared to overcome any challenge they face,” said Dilian in Intellexa’s February 16th press release announcing the alliance. “They need to be able to access hard-to-reach areas and successfully intercept any device. To make sure they succeed in doing so, they need a versatile platform—portable, vehicle mounted or airborne—with a comprehensive set of capabilities to choose from, depending on the specific operational scenario they face. Intellexa was established to enable just that.”
Intellexa could not be reached for comment on its “airborne” spyware capabilities, but Scott-Railton says drones and other aircraft equipped with intercept technology would be advantageous for firms. “[Drones and aircraft] are actually the best way since you get it via line-of-sight,” he says. “Ground-based has much lower range.”
Another, lesser-known spyware firm is Rayzone, an Israeli company that offers services like location tracking and big data analysis, as well as a “trojan system for mobile devices” that it sells to governments and federal agencies. The Rayzone website mentions malware that allows clients to gather smartphone information like files, photos, web browsing, emails, location, Skype conversations, and other data. The company also boasts that its malware can spy on SMS and other instant messaging services, including WhatsApp.
Many of the above spyware firms make their money with overseas contracts, often under the auspices of their governments’ export controls, but there are several companies with more domestic agendas. The UAE, for instance, is home to DarkMatter, a cybersecurity firm that houses Project Raven, a team of clandestine operatives, some of whom have formerly worked for U.S. intelligence services like the National Security Agency (NSA). Reuters reported in January that for the last several years, Raven operatives used a cyberespionage platform called Karma that can hack the iPhones of activists and political leaders, as well as suspected terrorists.
One of the Reuters sources, Lori Stroud, formerly of NSA contractor Booz Allen Hamilton, was told in a briefing that Raven is the offensive, operational division of the UAE’s NESA (National Electronic Security Authority, now called the Signals Intelligence Agency), which is equivalent to the NSA. While Raven used Karma to spy on regional rivals like Qatar and Iran, it also reportedly used the malware to target UAE citizens who were openly critical of the monarchy. In an interesting turn, anonymous sources told the Intercept that operatives at Dark Matter had discussed hacking the publication’s staff after reporter Jenna McLaughlin had revealed in an Intercept story how the Maryland-based computer security firm CyberPoint had helped assemble a team of American spies and hacking tools for Project Raven.
Across the Mediterranean, the Italian firm eSurv sells an Android spyware platform nicknamed “Exodus.” In March, researchers at the watchdog Security Without Borders said that between 2016 until early 2019 they had found 25 malicious apps uploaded by eSurv to the Google Play Store, where they were disguised as applications from mobile operators. “According to publicly available statistics, as well as confirmation from Google, most of these apps collected a few dozen installations each, with one case reaching over 350,” Security Without Borders reported.
Security Without Borders’ research revealed that Exodus is equipped with “extensive collection and interception capabilities,” and that some modifications triggered by the spyware “might expose the infected devices to further compromise or data tampering.” Italian authorities launched an investigation into eSurv and a related company, STM, in the weeks before Security Without Borders’ report. As part of the investigation, prosecutors said they shut down eSurv’s infrastructure.
The "Encrygma"
€ 18,000
SuperEncrypted Phone
The Most Advanced Quantum Encrypted Communication System in the World.
Disruptive Offline Communication Tech
(No Internet or Cellular Connection)
Without any Servers involvement
Based on the Secret Tech "White Fog"
No data ever registered on the device or elsewhere.
Immune to:
Interception
Cyber Espionage
Remote Hacking
Spyware Infection
Malware Infection
Forensic Data Extraction
Ransomware attacks
Electronic Surveillance
You have two options , either you can buy the “Encrygma “ SuperEncrypted Phone , full details : www.Encrygma.com, at € 18,000 Euros per device or create your own encryption device by installing our SuperEncryption systems on regular Android and Windows devices at € 5000 Euros per license.
DigitalBank Vault advantages Vs. SKY ECC, BlackBerry, Phantom Secure, Encrochat
and other 'secure communication devices'
1. One-lifetime fee of € 5000 Euro.
No annual subscription fees.
2. Encryption Keys generated by the user only.
Encryption Keys never stored in the device used or anywhere else.
Encryption Keys never exchanged with the communicating parties.
3. No SIM Card needed.
4. Unlimited text messaging, audio and video messaging,
audio calls, file transfers, file storage.
5. "Air-Gapped" Offline Encryption System not connected to the Internet.
6. No Servers involved at any given time, completely autonomous system.
No third parties involved.
7. No registration of any kind - 100% anonymous without username/password.
No online Platform or Interfaces.
8. Unique, Personal, Dedicated Set of
Encryption Algorithms for each individual client.
Totally Private Encryption System.
9. Air Gap Defense Technology:
The Only Offline Communication System in the World.
10. Working cross-platform on Android Smartphones ( No SIM Cards Needed)
and Windows PC ( for office work)
Contact us
for additional information at agents@digitalbankvault.com
Telegram: @timothyweiss WhatsApp: +37257347873 You can buy any Android device and Windows laptops and transform them into a powerful encryption device by installing our set of software. The process is simple , you buy your own phones and laptops devices , choose your most trusted company ( we always advise Samsung phones and Asus laptops , then you buy from us the DigitalBank Vault SuperEncryption System and install it on the devices you bought. If you need the encryption system just for storing and transferring classified files and data, you may need just one license ( it will work for four on both Windows and Androids). If you need to communicate between two people, you will of course need to buy two licenses. If your network of people you need to communicate with is larger , you will have to buy more licenses of course. Each client is receiving a dedicated set of encrypted algorithms that means that each company (client) has a different encryption system, therefore creating a closed private internal network. Each license costs € 5000 Euros. No recurring payments are required. It’s a one-time fee. No monthly payments. Remember that our mission is to help companies achieve total, absolute secrecy over their sensitive data storage, critical file transfers and securing their confidential communications. Feel free to contact us. For more in depth information we can have a voice call or video meeting. Our SuperEncryption systems are needed in case you really need the highest level of secrecy. Our technology is above Governments level , it’s the highest level of anti interception/ anti espionage tech available to the private sector. We sell only and exclusively to reputable companies and individuals that pass our due diligence and KYC procedures. Try for 30 days ( free of charge) the DigitalBank Vault SuperEncryption System. Transform any Android device or Windows Laptop into an Unbreakable Encryption Machine
More information? Visit our website at www.DigitalBankVault.com or email us at info@digitalbankvault.com. We will be happy to assist you in achieving total secrecy over your communications.
How to buy a DigitalBank Vault SuperEncryption system? https://www.digitalbankvault.com/order-the-digitalbank-vault
More details?
Why the DBV SuperEncryption system is safer than any other solution available in the market?
How does the DigitalBank Vault SuperEncryption technology work?
Comments