We've got a neat new @citizenlab report out, looking at NSO Group affiliate company Circles, the we-spy-without-hacking-your-phone guys, who reportedly exploit flaws in mobile phone networks themselves. We ID'd a bunch of likely customers! citizenlab.ca/2020/12/runnin…
The essence of the report is simple. The firewalls of Circles systems are configured using a management server with the domain name "tracksystem[.]info." Thanks to some leaked documents filed in a lawsuit in Israel, we can see that this domain name is used by Circles for email ImageImage
There's some dodgy customers, including spyware abuser UAE (apparently UAE Supreme Council for National Security, Sh. Tahnoon's Royal Group, and Dubai Police). The Royal group case is interesting, because there also seems to be a nexus with Mohammed Dahlan. Image
Interesting case in Peru as well. In 2016, @fbajak reported on Israeli co Verint's role in "Project Pisco" (apnews.com/article/f799cf…) a National Intelligence Directorate (DINI) initiative to monitor comms. Our scans found a Circles system called "Porsche Pisco" operated by DINI. Image
Also nice overlap in Nigeria w/ @PremiumTimesng report that two governors used Circles to spy on political opponents (premiumtimesng.com/investigations…). We found Circles systems in Nigeria. One system appears to be operated by the same group as a FinFisher system we found in 2015. Image
Also nice overlap w/ investigation by @NuestroDiario (nomada.gt/pais/la-corrup…) looking at Guatemala's General Directorate of Civil Intelligence (DIGICI). DIGICI reportedly abused Circles to spy on journalists. Our scans found a Circles system in Guatemala operated by DIGICI! Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Bill Marczak

Bill Marczak Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @billmarczak

19 May
Uh oh. It looks like the US state of Nevada has partnered with a UAE intelligence-linked company (Group 42) on COVID19 testing. It seems that Group 42 will get access to test data from US Citizens, which they will use for an "innovative genomic study." nvc19.org/united-arab-em…
A little background on Group 42: they were the ones behind the ToTok chat app. ToTok was banned from both the Apple Store and the Google Play Store after US intelligence sources told the New York Times that ToTok was a front for UAE intelligence. nytimes.com/2019/12/22/us/…
Also, ToTok (formerly "Group 42 IM") is linked to Sheikh Tahnoon bin Zayed al-Nahyan, a senior UAE intelligence official. Sheikh Tahnoon's adopted son and PR manager were both apparently directors & investors of holding companies linked to ToTok medium.com/@billmarczak/h…
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!