SCOOP: We went undercover & discovered a secret disinformation-for-hire group called Team Jorge selling election interference, hack-and-leak & influence as a service. They claim to have meddled in 33 elections THREAD
#TeamJorge
@FredMetzo
@GurMegiddo
SCOOP We got our hands on screen shots of an early prototype of Pegasus, called Syaphan and intended for use by the Israeli police
These photos are the closest we’ve gotten to seeing real working Pegasus system THREAD
@JoshBreiner
@haaretzcom
🚨SCOOP: My new
@Haaretzcom
investigation reveals new Israeli cyber companies developed technology that exploits the heart of the online economy - ads - not just for mass surveillance, but also to hack phones 👇
פייק ניוז בערוץ 20 ודוגמא יפה לאיך מנגנוני פרופגנדה פופוליסטים לא רק מפיץ מידע כוזב אלא גם עושה פוליטיזציה מיותרת ושיטתית למקורות ידע אמינים - בדרך כלל תקשורת ואקדמיה אבל במקרה הזה ויקיפדיה (שרשור קצר)
SCOOP Meet Toka, an Israeli camera hacking firm set up by former PM Ehud Barak and the IDF’s ex-cyber chief. It sells only to intel bodies and law enforcement and allows them to “access” and “alter” camera feeds
tldr; Team Jorge are a 1-stop-shop of influence & psyops
Their business model: disinformation-as-a-service, or DaaS.
Their software: AIMS, an advanced system for creating and deploying fake accounts without detection
#TeamJorge
@FredMetzo
@GurMegiddo
I've spent that last two weeks combing over the amazing work done by
@amnesty
's Security Lab &
@citizenlab
to put together this list of all the confirmed victims of the Pegasus. Did I miss anyone? DM me and we'll update the list
@haaretzcom
“Make the deal, it’s for Israel’s security”
Investigation reveals: Where Netanyahu traveled, NSO soon followed.
This is how Israel became the cyber industry’s patron and pushed spyware sales across the world -
@amitaiz
for
#PegasusProject
@haaretzcom
BOOM: Former Israeli prime minister Ehud Olmert was involved with cyber firm Intellexa and was even supposed to help pitch its cyber tools to Germany
Massive scoop by
@danieldolev
at
@HashomrimOrg
as part of the
#PredatorFiles
published by
@EICnetwork
A year ago I boarded a plan to Greece and began working on what would be the main focus of my spyware investigations since: A firm called Intellexa which offers the same type of spyware as NSO, but unlike NSO does not operate under Israeli oversight
כפי שאמר לי חוקר אמריקאי בהקשר לבחירות באמריקה: הרוח הקונספירטיבית יותר מכל קונספירציה ספציפית היא התנאי האפשרות של QAnon. עולם בו הכול אפשרי ואי אפשר להאמין לאף אחד הוא המטרה האמתית של סוכני דיסאינפורמציה. שם זה טראמפ/פוקס/OAN, וכאן זה ערוץ 20 וכו
SCOOP: Together with
@FakeReporter
, researchers have uncovered, for the first time since the start of the war, an Israeli influence operation in English.
The targets: U.S. lawmakers & Hamas-UNRWA
Here's what we found: 👇
#InfluenceOps
@haaretzcom
אז למה ויקיפדיה? כי המפתח למה שמוכנה truth decay - שחיקת מעמדה של האמת ברמה חברתית רחבה - היא פירוק שיטתי של מוסדות ידע כמו ויקיפדיה המבוססים על עובדות מבוססות. והאייטם הזה של ערוץ 20 הוא מתקפה לא רק על עובדה אחת ספציפית אלא על עובדתיות ברשת באופן כללי
This early prototype of a Pegasus-like system also allows remote recording - not just live interception of calls but actually turning the phone into a recording device
@JoshBreiner
@haaretzcom
SCOOP PART 2: After discovering
#TeamJorge
, we (
@GurMegiddo
@FredMetzo
) went undercover AGAIN and had a series of meetings with a firm that likes to pretend that its the quote/unquote ""legitimate"" side of the disinformation-for-hire market
Meet Percepto
As one source told me: “Israel is the ONLY country in the world that export regulations don’t apply to. Offensive cyber firms can sell Israel anything and everything, not just tech but also services”
@JoshBreiner
@haaretzcom
They bear all the hallmarks of what we’d expect from a mobile tactical interception system: for example access to call logs and messages - including those from encrypted apps like WhatsApp
@JoshBreiner
@haaretzcom
These are screen shots of the program and the police planned to present them to the government. They showcase the spyware program’s capabilities
@JoshBreiner
@haaretzcom
התשובה ברורה: כי אף אחד לא יבדוק או שהכתב עצלן מדי, או גם וגם, והמטרה תמיד הייתה לחזור שוב ושוב על הטענות שיש מי שפועל להסתיר מהציבור את האמת לגבי נתניהו
סקופון: הFBI התבקש לחקור לפחות 2 מקרים של גנבת זהות בעקבות תחקיר של
@fakereporter1
שחשף שאלמונים השתמשו בחשבונות טוויטר שנחזו לכאלה השייכים לאנשים מוכרים בקהילה היהודית בארה"ב - בניסיון לאסוף מידע על פעילים במחאה נגד נתניהו >>
@Haaretz
עזבו שנייה את השאלה למה זה שווה אייטם (זה לא, תאמינו לי ככתב לענייני ויקיפדיה שהשחתות שנמחקות תוך דק הם אירוע יומיומי). למה לשקר? למה שקר שכל כך קל לבדוק ולהפריך? (*8* *פאקינג* *דק*)
The spyware also traces its targets movements and all these different pieces of information are brought together in this simple to use program
@JoshBreiner
@haaretzcom
הכל! (כמעט) על הרשת הזרה שחיה בתוכנו כבר שנתיים:
תחקיר שלנו עם
@omerbenj
מראה כיצד הצליחה לחדור למחאה למען השבת החטופים, שלחה אזרחים למשימות ואספה מודיעין.
איך תדעו אם נפלתם ברשת, מה הקשר לרב הראשי לשעבר, ואיך הכל התחיל מיאיר נתניהו? מתחילים🧵 >>
סגל משקר - ״מי שיפתח את הערך היום לא יראה את הפרטים האלה, נכון?״ - ושואל את הכתב, שעונה ״נכון״... למרות שלפני פחות מדקה אותו כתב נלהב אמר שהעריכה נעשתה לפני חודש, הוא לא מתקן את השקר ואומר ״נכון״... כמובן הוא לא ציין שזה היה *באוויר 8 דק*
איך ישראל אישרה למכור למדינה לא דמוקרטית טכנולוגיה סודית ו"מטורפת" של פריצה לטלפונים ומחשבים - ואז נבהלה.
״כל שצריך זה פאשלה אחת של לקוח, מקרה אחד של ניצול לרעה כדי שהיכולת כולה תישרף לגמרי"
חשיפה שלי ושל דסק "השירות החשאי", היום בבוקר על שער מוסף הארץ
השקר של ערוץ 20: נטען כי ״מי שיכנס לויקיפדיה היום״ לא ידע את האמת על ליאת בן ארי כי מישהו מחק מהערך שלה פרטים חשובים. אבל העריכה המדוברת הייתי באוויר במשך *8 דק* לפני *3 שבועות*
Sources I spoke to me say the current version of Pegasus does not look EXACTLY like this but is extremely similar in terms of its menus, functions and interface style (though the colors are different now)
@JoshBreiner
@haaretzcom
We always hear about Pegasus in OTHER countries - be it Spain or the UAE - but one thing people forget is that Israel is also a client
@JoshBreiner
@haaretzcom
In first, Israeli citizen found to have been infected by Pegasus twice in the past two years. Unclear why the man, who is active in the protests against Netanyhu, was targeted and by who. Forensics by
@JamfSoftware
@ZecOps
@citizenlab
🚨This is surveillance capitalism at its finest! The world of "digital arms" has evolved, moving into the realm of ad-based intelligence (AdInt). This is how this next-gen digital weapon leaked into the private cyber arms sector >>
Report says Israeli spyware was used in Trinidad and Tobago to spy on lawmakers, journalists and judges.
However, it may not be NSO but a different Israeli spyware – one recently found on the phone of a Greek journalist >> THREAD
SCOOP with
@DrWhax
- Israel killed Morocco's access to Pegasus - but also failed to okay its deal with QuaDream
- Leaked code reveals their spyware and show it may have abused WhatsApp
- Sources: Firm also developed “terrifying” new spyware
The long story:
@FbdnStories
follows up on the work of journalists that are threatened or killed. They decided to bring together reporters from across the world to investigate the shady disinformation-for-hire industry
Over the course of Zoom meetings, Team Jorge pitched their bundle of services. First, you collect “active intelligence on your targets” - this includes hacking into email and messaging accounts. These can later be leaked.
#TeamJorge
@FredMetzo
@GurMegiddo
After meeting in Paris,
@GurMegiddo
had an idea: We should pose as potential clients & try to get a meeting w these firms. Get them to pitch themselves
@FredMetzo
#teamjorge
No morals, no qualms, no borders: From a small office building , a group of Israelis is spreading global disruption, boasting of election intereference, hacking and manipulation
investigation by
@GurMegiddo
@omerbenj
@FredMetzo
Haaretz/RadioFrance
1/n
אחרי שנים שקהלת פועלים בויקיפדיה בשלל דרכים - כולל הפעלה של עורכים בתשלום - נחשף שעובד בקהלת הפעיל גם חשבונות מזויפים. קהלת טוענים שזה נעשה ללא ידיעתם וללא אישור מצידם. מדובר בפרשה חמורה מאוד והפרה חמורה של חוקי הקהילה - ויש מי שדורש לחסום את הפורום
Mysterious hacker groups are knocking out critical infrastructure in Iran, leaking secret info about the IRGC, hijacking TV broadcasts and trying to foment uprising against Tehran.
Cyber revenge for October 7 seems to have begun >>
Some were playing out in front of our very eyes. We were shown the live Telegram account of a senior Kenyan official, now a serving minister. Jorge showed us how he could send messages from his target’s phone.
#TeamJorge
@FredMetzo
@GurMegiddo
CLEARED FOR PUBLICATION:
#ProjectPegasus
reveals massive list of potential targets of Israeli spyware NSO, including Modi’s biggest rival Rahul Gandhi and even (an old number belonging to) Pakistani leader Imran Khan >>
@FbdnStories
@amitaiz
@haaretzcom
After a week of shock, I finally managed to do some reporting: as Hamas commandos were crossing the boarder into Israel, a digital offensive was also launched
Alongside Hamas propaganda bots, disinfo about the war being an “inside job” or an “IDF betrayal” were rampant
The project, if anyone was crazy enough to take it on: Postpone an election in an African country without any reason.
And the disinfo industry said: HOLD MY BEER
#TeamJorge
@FredMetzo
@GurMegiddo
This is one of the most concerning disinformation narratives to emerge this past 12 days.
My last report, based on
@FakeReporter
’s amazing work, explains its origin and how it’s getting help from the far right and conspiracy theorist across the globe
The conspiracy alleging that Israel or someone inside Israel has helped Hamas massacre citizens continues to circulate.
This bogus allegations for example has gained 5.4M Views(!). It is based on a Rabbi that "knows confidential sources" and is utterly nonsense.
What happens in Cyprus does not stay in Cyprus.. Israeli cyber firm attempting to avoid oversight sets up shop in Cyprus, then Athens and now the Greece spy chief & top aide to PM quit after journalist
@nasoskook
and head of Greek opposition hacked
Cybersecurity industry sources tell me that the cyber attack on Israeli .gov websites was a big distributed denial of service (
#DDos
) attack and that it *may* be a state op, **maybe** even an Iranian one, but not Ukraine related .
Israel is collecting evidence digital & physical for a war crimes case against Hamas
OSINT/SOCMINT firms helped set up "The Library" based on video from Hamas terrorists' GoPro cams, social media accounts & other online sources
@ran_shimoni
@chenmaanit7
Sources linked us to middlemen, mediators put us in touch with door openers. None seem bothered by the fact we wanted to have a democratic election called of for no reason
#TeamJorge
@FredMetzo
@GurMegiddo
.
@FredMetzo
played a mild-mannered French consultant
I played the neurotic American
@GurMegiddo
the ex-Israeli
More calls were made. After one key introduction, we were told to call Jorge.
You might be wondering: Who are they?
#StoryKillers
reveals the identity of Jorge, whose real name is Tal Hanan, a former Israeli special forces officer who surrounds himself with former Israeli intelligence officers and spin doctors.
He denied "any wrong doing".
🌐 Who's behind Insanet? A group of seasoned cyber entrepreneurs with strong Israeli intelligence ties and young innovators with a dual background in military cyber units and the ad industry >>
Now it’s personal: US slaps personal sanctions on rouge Israeli intel spyware firm and its founder. News shows that though initially concerned with Israeli firms like NSO and Candiru, the WH is now more concerned by unregulated Israelis operating abroad .
How Israeli spy tech, specifically NSO's Pegasus, is used across the world to hunt journalists, activists and even leading politicians from India to Saudi Arabia
THREAD on the
#PegasusProject
#ProjectPegasus
investigation by
@FbdnStories
&
@amnesty
🚨 The age of AI-driven disinfo and information warfare is upon us 🚨
Kremlin-run Doppelganger campaign is back,
@antibot4navalny
& others find: 20k+ of AI-written posts pushed out by 6k+ automatic accounts, alongside fake websites & deep fake video >>
🖥️Their product - "Sherlock." This tool exploited ads to infiltrate devices - peak of surveillance capitalism. It has the power to breach Windows, iPhones, AND Androids. A universal hacking tool >>
NSO also tried to get into the game and developed a yet-reported product called Truman to try to take the lead in developing an offensive AdInt market. But the twist? They never got to launch it >>
Sources say the
#BlastDoor
exploit identified by
@citizenlab
was developed by NSO hackers, but the infection chain or at least parts of it are also used by other Israeli spyware firm that will now struggle to continue to provide coverage for clients
🛑 It's new era of digital warfare and the lines between ads, tech, and espionage blur. As technology continues to advance, the need for well-governed ethical use and strict regulations becomes paramount
🌐 Enter Insanet: Not just a catchy name, but a nod to the insanity of their tech. Founded in 2019, they're the only firm to every legally sell an offensive AdInt technology >>
“If NSO could be said to be an actor with problematic ethics, at least everything it did was legal and cleared with the Israeli state. This is something different and much more severe" - my investigation into
#Intellexa
an Israeli owned cyber intel firm
Jorge and his team - aka
#TeamJorge
- we would soon learn have a lot of experience in election interference - and no lack of ideas
@FredMetzo
@GurMegiddo
Wikipedia is dealing masterfully with the
#coronavirus
infodemic. The crisis has led the community & even the
@Wikimedia
Foundation to acknowledge
@Wikipedia
's role as the public’s main source of medical & health information today
💰The price tag for such a vector? An eye-watering 6 million euros for a single infection. If Pegasus is considered the nuclear bomb of digital arms, Sherlock is the warhead >>
The Israeli phone-hacking firm Cellebrite claimed it can break into Signal - the world’s most encrypted app.
Yesterday Signal’s founder
@moxie
got his revenge and revealed he hacked the hackers and found some serious flaw
#THREAD
Bombshell new report today from Haaretz (
@omerbenj
) about the spyware industry’s continued efforts to subvert our collective cyber-security, now by turning already invasive ad networks into spyware infection vectors.
As a teen who just moved to Israel and knew no Hebrew, I read him fanatically
As an adult, I had the honor of working with him
Today,
@bradleyburston
writes his last column for
@haaretzcom
His wise words, unique style & boundless optimism will be missed
The head of Greece’s socialist party was targeted by the
#predator
spyware, made by
#cytrox
, which is owned by
#Intellexa
. He’s the second EU national targeted by the spyware; the first being journalist
@nasoskook
.
אחרי שהסתבכו עם האפליקציה הכי מוצפנת בעולם, החברה הישראלית סלברייט (שעוזרת למשטרות לפרוץ לטלפונים של חשודים/עצורים) על המוקד ובארץ ובחו״ל דורשים מהמשטרות: תפסיקו להשתמש בטכנולוגיה הזאת. שבוע שעבר נחשף כי ניתן לפרוץ לתוכנה של סלברייט, מה שעלול להטיל בספק בראיות שהיא אוספת
@oyoyoy
Though there is no case or claim or any wrongdoing or misuse, Toka’s tech - once the stuff of science fiction or movies - raises important political, legal and ethical questions “These are unimaginable capabilities. This is a dystopian technology from a human rights perspective”
🌍 The global implications? Israeli firms developed tech that was meant to counter terrorism, but as they are sold to nations with questionable track records, they are frequently abused and turned on journalists and human rights defenders >>
A short thread on Pegasus, the Israeli occupation and how we define terror in wake of this AMAZING Guardian scoop about the CIA calling BS on Israel's claim that Palestinian rights orgs are terror groups- a claim based on intel collected by hacking phones
Watching a
#Qanon
supporter on the Senate dais, with no plan, no shirt & a bewildered look on his face, reminded me of what Prof.
@YBenkler
said ahead of the elex: Russian propaganda aims “to create a world where nothing is true and everything is possible”
SCOOP Previously unknown Israeli cyberoffense firm that sold tech to Gulf states - NFV Systems - is under investigation by secretive defense body for skirting arms exports - in a case that may ‘damage national security’
@avischarf
@JoshBreiner
🖥️ A leaked 2019 Candiru sales document shows how Sherlock was billed alongside their PC spyware. As a vector, it can breach Windows, iPhones, AND Androids. At the time, no one knew Insanet existed & the tool was (mis)attributed to Candiru
Toka is under Israeli ministry of defense oversight - its clients are mostly US and it’s allies in the west, but also includes Israel and likely Singapore Revealed: The Israeli Firm Selling ‘Dystopian’ Hacking Capabilities - National Security & Cyber
אתר המתחזה לבלוג של אלוף בן כלל מאות טורים אמיתיים שפירסם. אך הוא גם כלל מספר "חשיפות" מזויפות לגמרי, כמו ״פגישה סודית בין
@idanroll
לנשיא תימן״ שבמסגרתה תימן הסכימה לכאורה להכיר בישראל. הכתבות המזויפות קודמו בין השאר באתר של אל מנאר (חיזבאללה)
@oyoyoy
According to a company pitch deck obtained by
@Haaretz
@haaretzcom
, Toka offers “previously out-of-reach capabilities” that “transform untapped IoT sensors into intelligence sources,” and can be used “for intelligence and operational needs.”
INSANE SCOOP by
@hagar_shezaf
,
@yanivkub
&
@avischarf
: During the last Gaza war, the IDF opened fake accounts online as part of an influence operation (aka psychological warfare) aimed at ISRAELI CITIZENS!
🚫Insanet's journey wasn't smooth sailing. Although they could initially legally sell Sherlock, the Israeli Defense Ministry soon reigned in their permit. They did manage to sell Sherlock to one (nondemocratic) country >>
חשיפה שלנו הבוקר:
איראן מפעילה קבוצות מתחזות בכדי להשפיע על פעילי מחאה ופעילים תומכי נתנהו לבצע פעולות בשטחה. שמטרתן/ העמקת הקרע החברתי. כך למשל הצליחה להביא אנשים לתלות בבתיהם שלטים בהם נכתב "אין דמוקרטיה - אין קול"
@bar_peleg
@omerbenj
@JoshBreiner