Security News > 2021 > October > Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo
A prominent Togolese human rights defender has been targeted with spyware by a threat actor known for striking victims in South Asia, marking the hacking group's first foray into digital surveillance in Africa.
Amnesty International tied the covert attack campaign to a collective tracked as "Donot Team", which has been linked to cyber offensives in India and Pakistan, while also identifying apparent evidence linking the group's infrastructure to an Indian company called Innefu Labs.
The unnamed activist is believed to have targeted over a period of two months starting in December 2019 with the help of fake Android applications and spyware-loaded emails.
"The spyware can be used to steal files from the infected computer and any connected USB drives, record keystrokes, take regular screenshots of the computer, and download additional spyware components," the researchers said.
Although Innefu Labs has not been directly implicated in the incident, Amnesty International said it discovered a domain that pointed to an IP address used by a Delhi- based company named Innefu Labs.
"The nature of cross-border commercial cyber surveillance where the surveillance targets, the operators, the end customer, and the attack infrastructure can all be located in different jurisdictions creates significant impediments to achieving remediation and redress for human rights abuses."