Hackers posed as Amnesty International, promising anti-spyware tool that actually collects passwords

Written by
Sep 30, 2021 | CYBERSCOOP

Fraudsters are posing as human rights group Amnesty International to trick individuals into downloading malicious software, researchers at Cisco’s threat intelligence unit Talos report.

Masquerading as the human rights group, registered multiple domains using variations on the Amnesty name to advertise a demo for “Amnesty Anti ” software that could allegedly scan devices for the NSO Group spyware, which Amnesty has closely examined. The malware had a realistic-looking “Anti Pegasus” user interface. In fact, victims downloaded Sarwent, a malicious software that gives attackers a to a victim’s machine.

Hackers can use that access to download and execute other malicious tools as well as exfiltrate data such as passwords.

The campaign preys on growing concerns around the threat of spyware. Human rights advocates have long criticized the NSO Group for the use of its by governments to spy on activists, dissidents and journalists. A sweeping July report by Amnesty International and partners revealed that the spyware was using a vulnerability in the previous version of iOS to target more than three dozen victims. Apple patched against the vulnerabilities in September.

In light of the growing number of victims,

Read More: https://www.cyberscoop.com/amnesty-international-spyware-scam-pegasus/