
The Ethiopian government used spyware acquired from an Israeli company to spy on dissidents living in the country and abroad, but government operatives have failed when configuring their command and control (C&C) server, exposing a list of all their targets.
This secret surveillance operation appears to have started last year, and consisted of spear-phishing emails that contained links to various sites. On these websites, users were lured to download a fake Adobe Flash Player update or an app named Adobe PdfWriter to view videos or PDF files. The two files were laced with malware.
Ethiopian operatives make crucial mistakeThe spear-phishing campaign wasn't very well executed, and some targets became suspicious. Some forwarded the fishy emails to Citizen Lab, an organization that has a long history of tracking and exposing politically motivated surveillance campaigns.
Instead of backing down and dismantling their infrastructure, Ethiopian government operatives decided...(continued)