Social Engineering: From Qatar With Love – Cyber espionage

Christopher Burgess Blog, Information Security 2 Comments

Is the Government of Qatar perfecting their social engineering or is this a case of Qatar vigilantism? A recent write-up by Claudio Guarnieri, a security researcher working for Amnesty International, leans toward nation state sponsorship, exercising what he describes as “Operation King Phish“.  

Prevendra - Social Engineering - Robin Sage

Robin Sage – 2009

A review of Guarnieri’s report and one’s brain will have a flurry of memory triggers, synapses, bringing to mind the highly successful social engineering exercise of 2009,  Robin Sage.  Like Robin Sage there is a femme fatale, with a multitude of social network profiles … Google+, LinkedIn, Twitter and Facebook (as of 03 March 2017 they have all been removed). 

Safeena Malik - 2017

Safeena Malik – 2017

Meet Safeena Malik. She claims to be a human right’s activist, a director at Amnet. At the height of her activity she had connected to over 500+ individuals on the professional network LinkedIn alone.

Her modus operandi … old fashion click-bait social engineering. She would send emails, direct message tweets, open Google hangouts or Facebook messenger apps. Each time she would provide a presentation or document for the recipient’s review.

Clickbait - Social Engineering used in the *Safeena Malik King Phish* op by Qatar | tks @amnesty Click To Tweet

Those who opened the file attachment or clicked on the link were either gifted with a malware payload or sent to a look-a-like login page for their Google accounts. In either scenario, the entity(ies) behind Malik were attempting to compromise your device and your Google ecosystem (google drive, photo, email, etc.).

The target?  The report indicates: “… (King Phish) was a well-engineered campaign of phishing attacks designed to steal credentials and spy on the activity of dozens of journalists, human rights defenders, trade unions and labour rights activists, many of whom are seemingly involved in the issue of migrants’ rights in Qatar and Nepal.”

The migrant worker issue has been a political hot potato in Qatar for quite some time, especially featuring those who migrate to Nepal specifically to help build the infrastructure required for the FIFA World Cup of 2022. In 2014, The Guardian reported, “Nepalese migrants building the infrastructure to host the 2022 World Cup have died at a rate of one every two days in 2014 – despite Qatar’s promises to improve their working conditions.” According to the BBC, more than 1400 had died as of 2015, no doubt the number is higher. 

The BBC has been covering the issue for some time, and in 2015 found that their reporter’s investigative skills were not appreciated by the Government of Qatar.  The video from the BBC reporter highlights the sensitivity in Doha.

How many migrant workers are there in Qatar? According to the Guardian, there are about 400,000 Nepalese workers in Qatar among the 1.4 million migrants.  

What say the Government of Qatar? Not only no, but emphatically no. They claim no interest in Amnesty International or any other and they too wish to know the identity of the culprits behind this activity.  They would never engage in cyber espionage.

What say Amnesty International on QatarThe authorities unduly restricted the rights to freedom of expression, association and peaceful assembly. One prisoner of conscience was pardoned and released. Migrant workers faced exploitation and abuse.

Will this be the last case of social engineering used in a political farcus. Those with opinions, remember the adage, don’t click. Nation states and unscrupulous competitors will use all the tools available to them to engage their target.

Prevendra's Email Updates
Get the latest content first.
100% Privacy. We don't spam.

Trackbacks

  1. […] Social Engineering: From Qatar With Love – Cyber espionage (Prevendra – 03 March 2017) […]