O spyware Israeli Predator was used as a trap to attract several Angolan citizens to click on fake pages, accessing all the content on their cell phones, in addition to being able to use the camera and microphone to monitor users.
Among the fake pages created by the spyware, the highlights are those of media outlets, such as Jornal de Angola, Novo Jornal, Angop and an extensive list of electronic addresses to which small changes were introduced in order to attract citizens, when using secure connections.
According to what was revealed by the Amnesty International Security Laboratory and shared with Expresso, Predator takes full control of the cell phone and encourages the user to click on links that imitate real websites, such as media outlets or social networks.
It should also be noted that among the news sites, a pirated version of CNN Portugal and the TAP flight reservation page were created, highlighting that between March and August 2023, fifty URLs of pages infected with Predator were created, “many of them similar to the addresses of some popular news sites in Angola”.
BUT: How to mitigate the rise in cyber incidents in Africa
The investigation reached out to the entities involved for comment but did not receive a response.
"However, the EIC (European Investigate Collaborations) network has received a response from major shareholders and former executives of the Nexa group, who claim that the Interllexa alliance has ceased to exist“, informs the note.
The Israeli Predator spyware was designed by a startup specializing in hacking, Cytrox, based in North Macedonia. Cytrox was acquired in 2018 by the former head of a military intelligence hacking team, Tal Dilian, before he joined Interllexa, largely formed by former Israeli intelligence officials.
