In a report published last week, Amnesty International revealed the connection between an Indian cybersecurity firm and an Android spyware program that was meant to target a well-known Togolese human rights defender.
Security Researchers Found Evidence
Amnesty International’s experts conducted the inquiry after finding evidence of surveillance against the Togolese activist, as well as indications of spyware installation in numerous important regions of Asia.
The international non-governmental organization declared it believes there are ties between the Android spyware and Innefu Labs, a cybersecurity company based in India. The statement comes after they discovered that the spyware payload was distributed using an Innefu Labs IP address on multiple occasions.
Amnesty International linked the campaign to a collective of Indian cybercriminals tracked as ‘Donot Team’ (APT-C-35) known for targeting governments in Southeast Asia since at least 2018.
Innefu Labs’s Reaction
Amnesty International believes that Innefu may be unaware of how its clients or other third parties use its tools. Nevertheless, now that full technical details are available, an external audit could disclose everything.
Here is Innefu Labs’s response:
At the outset we firmly deny the existence of any link whatsoever between Innefu Labs and the spyware tools associated with the ‘Donot Team’