A prominent Togolese human rights defender has been targeted with spyware by a threat actor known for striking victims in South Asia, marking the hacking group’s first foray into digital surveillance in Africa.
Amnesty International tied the covert attack campaign to a collective tracked as “Donot Team” (aka APT-C-35), which has been linked to cyber offensives in India and Pakistan, while also identifying apparent evidence linking the group’s infrastructure to an Indian company called Innefu Labs. The unnamed activist is believed to have targeted over a period of two months starting in December 2019 with the help of fake Android applications and spyware-loaded emails.
“The persistent attacks over WhatsApp and email tried to trick the victim into installing a malicious application that masqueraded as a secure chat application,” Amnesty International said in a report published last week. “The application was in fact a piece of custom Android spyware designed to extract some of the most sensitive and personal information stored on the activist’s phone.”
The messages originated from a WhatsApp account associated with an Indian phone number that’s registered in the state of Jammu…