Netizen Report: Researchers Uncover Mobile Phone Spyware in 60 Countries Worldwide

Remote Control System map by Citizen Lab.

Remote Control System map by Citizen Lab.

Ellery Roberts Biddle, Lisa Ferguson, Oiwan Lam, Hae-in Lim, Bojan Perkov, Sonia Roubini, and Sarah Myers West contributed to this report.

Global Voices Advocacy's Netizen Report offers an international snapshot of challenges, victories, and emerging trends in Internet rights around the world. This week we begin with new research from Kaspersky Labs and the University of Toronto’s Citizen Lab, where security researchers reverse engineered a mechanism developed by Italian company Hacking Team that a reported 60 governments worldwide are using to sweep up mobile phone data. Disguised as a regular news app for Android, the technical “implant” allows covert collection of emails, text messages, address books, and keystroke logging. It can take screenshots, record audio and photos, and monitor the user’s location through GPS.

Particular attention has been placed on use of the implant, which is part of Hacking Team's “Remote Control System” product, by the Saudi government. Human Rights Watch researcher Cynthia Wong called the sale of “so-called ‘lawful intercept’ tools to governments that equate dissent with terrorism” a “recipe for disaster”. She implored Hacking Team to discontinue contracts and technical support for their products with governments that have used the technology to exploit the privacy and other fundamental rights of citizens. Responding to an inquiry about the product from Human Rights Watch, Hacking Team said that it would suspend support for its products if there were reason to believe that a customer had misused the technology. To date, the company has released no information about investigations of this nature.

The Remote Control System fits into a larger suite of tools developed by Hacking Team used to track computers and laptops. In a thoroughly creepy marketing video, Hacking Team asks, “is passive monitoring enough? You need more. You want to look through your target’s eyes.”

Free Expression: Leading Jordanian NGO site blocked again

The website of 7iber, an Amman-based NGO that supports free expression and access to information in Jordan, was blocked for a second time on Monday. The group’s site originally was blocked last summer after they declined to seek a required state license for their site. They instead re-routed traffic to a new domain, which remained accessible in Jordan until this week. 7iber Editor-in-Chief Lina Ejeilat explains their position on the issue:

What we oppose is the licensing requirement, which requires every publication or website to get permission from the government in order to operate. The requirement to license is one of the oldest tools of government censorship and restriction of freedom of expression. How could it be that in the digital age of self-publishing, social media and citizen journalism, you have to get government permission to publish online?

The mesh networking app FireChat, which allows users physically close to each other to communicate without an Internet connection, has been downloaded over 40,000 times in Iraq since June 14. The app, which debuted in March, gained wide adoption in Iraq after the government began deploying a number of limits on Internet access, including network outages and blocking of social media platforms.

Thuggery: Hundreds of protesters arrested at Hong Kong pro-democracy rally

More than 500 protesters demanding democratic elections free of China's influence were arrested in Hong Kong during a peaceful sit-in in the city's business district. The sit-in followed a pro-democracy rally of a half a million Hong Kongers on July 1. China has promised Hong Kong a direct vote for the next chief executive in 2017, but insists that a committee approve the candidates. Fearing that China could manipulate the committee to only choose pro-Beijing candidates, protesters demanded that citizens be allowed to nominate the candidates in tandem with a citizen-led referendum held in late June, where nearly 800k people voted on proposals for universal suffrage in Hong Kong. The online components of the voting system suffered a massive DDoS attack just days prior to the referendum.

Industry: Facebook scares users with creepy methods for researching user emotions

Facebook published the results of a study showing it had manipulated the newsfeeds of almost 700,000 users in order to assess whether the positive or negative emotions in messages appearing in a users’ feeds impacted the tone of the content the user themselves posted. While they found moderate effects in the study, the dubious ethics behind their methodological approach set social networks ablaze with criticism.

The German Interior Ministry announced [de] plans to cancel a contract with Verizon, which had provided Internet access and telecom services to several German federal agencies, and begin using the local Deutsche Telekom instead. Observers interpreted this as a sign that the Snowden revelations are taking a toll on US companies doing business abroad. The announcement came after local media uncovered that the German Bundestag, among other entities, were being serviced by Verizon and the UK-based Colt.

Internet Insecurity: Thai junta tricks users with phony Facebook login

Digital rights group the Thai Netizen Network reported that the Thai military government created fake applications to harvest information about users who attemped to visit blacklisted websites in Thailand. When users visit one of the 200+ blocked websites, they are redirected to a web page managed by Thailand’s Technology Crime Suppression Division, where two buttons attempt to trick users into sharing their information. In response, TCSD defended [th] the deceptive aps, which violate Facebook’s own policy, saying that this method of data collection, “can handle more witnesses, which can lead to more prosecutions and will make the online society more clean.” This is a flagrant violation of Facebook’s policy for its app developers, and the app-cum-phishing scheme has been suspended, twice.

Surveillance: How transparent is the NSA transparency report?

The National Security Agency published its first Transparency Report for 2013, a first step toward disclosing the scope and scale of its requests for information. According to the report, the agency submitted 38,832 requests for information and 1,767 FISA orders. But many of the numbers are termed as “targets”, which could include a person, group, or organization – leaving it unclear how many individuals were affected by a single request. For example, a single Section 702 FISA request affected 89,138 targets, but targets included both individuals and groups, thus the number of individuals affected by the request was much higher.

Privacy: Russia’s latest scary Internet law

Russian lawmakers introduced a bill that would force foreign Internet companies to store Russian users’ personal information on local servers. Should the law come into effect in 2016, companies like Google and Facebook may be forced to choose between protecting user privacy and operating legally in the country.

Netizen Activism: E-posta öz savunma

As part of the Reset the Net campaign, the Free Software Foundation launched an e-mail self-defense guide for GNU/Linux, Mac OS and Windows users, available in seven languages: English, French, German, Portuguese, Turkish, Russian and Japanese. More translations are underway, so defense against the dark arts will be much more accessible to users in the months to come.

Publications and Studies


Subscribe to the Netizen Report by email


Start the conversation

Authors, please log in »


  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.