Stopping The Press: New York Times Journalist Targeted By Saudi-Linked Pegasus Spyware Operator (Jan 28, 2020)
Ben Hubbard, the Beirut Bureau Chief for the New York Times, has been targeted with Pegasus, mobile spyware developed by the Israel-based company, NSO Group. The targeting of journalists using NSO-developed spyware is an ongoing threat around the world with journalists, activists and dissidents being targeted for surveillance. There have been reported cases in Mexico and Saudi Arabia of journalists being targeted with Pegasus spyware including the most well known murder of Washington Post columnist Jamal Khashoggi in 2018. The case involving Ben Hubbard details that Hubbard was sent a text in Arabic saying “Ben Hubbard and the story of the Saudi Royal Family” with a link to arabnews365[.]com, a domain that has been known to be used in the Pegasus infrastructure for downloading the spyware.
Recommendation: Avoid following any suspicious links in SMS, and be sure to install apps only from official sources. In addition, and check what permissions being granted during the installation of any app. Education is the best defense, inform your employees on what to expect for information requests from their managers and colleagues. Employees should also be aware of whom to contact when they suspect they are the target of a possible spearphishing attack. All employees and individuals should be educated on the risks of phishing, specifically, how to identify such attempts and whom to contact if a phishing attack is identified. Emails that request that the recipient follow a link should be seen as a potential phishing attack.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.