The Alleged Vietnam Spy Campaign: Unraveling the Connection to EU-Made Malware

Vietnam Linked to Global Spy Campaign Using EU-Made Malware

Amnesty International has released a report detailing a global spyware campaign that is believed to be orchestrated by Vietnamese agents using EU-made malware. According to the report, a Vietnam-linked Twitter account attempted to infect the phones of various people and institutions with malware called Predator, including overseas Vietnamese journalists, EU and US officials, and Taiwanese President Tsai Ing-wen.

The Predator Malware

The Predator malware, marketed by a consortium of companies with French and Israeli connections and bases across Europe, is similar to the infamous Pegasus spyware developed by Israeli firm NSO. Like Pegasus, Predator takes control of the camera and microphone of an infected phone, effectively turning it into a pocket spy.

French news outlet Mediapart, in a joint investigation with Germany’s Spiegel magazine, revealed that Predator has been sold to governments in countries such as Egypt, Qatar, the United Arab Emirates, and Pakistan. The malware has also been found on the phones of an Egyptian activist and a Greek journalist dating back to 2021.

Human Rights Concerns

Amnesty International has expressed serious concerns about the use of surveillance technology like Predator, stating that it is fundamentally inconsistent with human rights. Katia Roux, an advocacy officer from Amnesty, criticized the European Union for failing to effectively regulate the surveillance software sector. The organization is calling for a ban on Predator and a moratorium on all other surveillance software.

Involvement of Vietnamese Authorities

According to investigations by Mediapart and Amnesty, Predator was sold to someone at the Vietnamese Ministry of Public Security for 5.6 million euros ($5.9 million) in 2020. The evidence collected suggests that agents of the Vietnamese authorities or individuals acting on their behalf may be behind the spyware campaign. However, it remains unclear whether the campaign successfully infected any of its targets.

The Origins of Predator

Predator was initially developed by a North Macedonian firm called Cytrox before being marketed by the Intellexa group. Intellexa, which is described by Amnesty as a “complex, morphing group of interconnected companies,” was established by a former Israeli soldier and incorporated in Ireland. The group later formed an alliance with French umbrella organization Nexa to market spyware.

In July, the United States blacklisted both Cytrox and Intellexa, warning that their software posed a threat to the privacy and security of individuals and organizations worldwide.

Editorial: The Dangers of Surveillance Technology

This recent spyware campaign linked to the Vietnamese authorities highlights the growing concern surrounding the proliferation of surveillance technology. The invasive capabilities of malware like Predator and Pegasus pose severe threats to privacy, freedom of expression, and human rights.

The international community must recognize the urgent need for robust regulation in the surveillance software sector. Governments, alongside technology companies and civil society, must work together to establish clear guidelines and international standards that safeguard individuals from abuses facilitated by such technologies.

Furthermore, incidents like the Vietnamese spyware campaign also raise questions about the ethical responsibility of companies involved in the creation and sale of surveillance software. It is imperative that these companies prioritize respect for human rights over financial gain and refrain from engaging in ventures that undermine privacy and security.

Advice: Safeguarding Against Surveillance Threats

In an era where digital surveillance is becoming increasingly prevalent, individuals must take proactive measures to protect their personal privacy and security:

1. Update and Secure Your Devices

Regularly update your devices’ operating systems and applications to ensure that you have the latest security patches. Additionally, use strong, unique passwords and enable two-factor authentication whenever possible.

2. Be Cautious of Suspicious Communications

Avoid clicking on suspicious links or opening attachments from unknown senders. These can be the entry point for malware infections. Practice skepticism and verify the source and integrity of any unsolicited communication before taking any action.

3. Install Reliable Security Software

Utilize reputable antivirus and anti-malware software that can detect and remove potential threats. Regularly perform scans of your devices to identify and eliminate any malicious software.

4. Protect Your Online Data

Encrypt your communications using secure messaging applications, enable encryption on your email, and use virtual private networks (VPNs) when accessing the internet, especially when using public Wi-Fi networks.

5. Stay Informed and Vigilant

Keep up to date with the latest cybersecurity threats and best practices for protecting yourself online. Be vigilant about your online activities and immediately report any suspicious behavior or potential security breaches.

By taking these proactive steps, individuals can significantly reduce their vulnerability to surveillance threats and protect their privacy and security in an increasingly interconnected world.

This report contains information from an article originally published on Tech Xplore: [Link].