‘Team Jorge’ unit exposed by undercover investigation
Group sells hacking services and access to vast army of fake social media profiles
Evidence unit behind disinformation campaigns across world
Mastermind Tal Hanan claims covert involvement in 33 presidential elections
by Stephanie Kirchgaessner, Manisha Ganguly, David Pegg, Carole Cadwalladr and Jason Burke
Part 3 - ‘I will show you how safe Telegram is’
No less alarming were Hanan’s demonstrations of his team’s hacking capabilities, in which he showed the reporters how he could penetrate Telegram and Gmail accounts. In one case, he brought up on screen the Gmail account of a man described as the “assistant of an important guy” in the general election in Kenya, which was days away.
“Today if someone has a Gmail, it means they have much more than just email,” Hanan said as he clicked through the target’s emails, draft folders, contacts and drives. He then showed how he claimed to be able to access accounts on Telegram, an encrypted messaging app.
One of the Telegram accounts he claimed to penetrate belonged to a person in Indonesia, while the other two appeared to belong to Kenyans involved in the ongoing general election, and close to the then candidate William Ruto, who ended up winning the presidency.
“I know in some countries they believe Telegram is safe. I will show you how safe it is,” he said, before showing a screen in which he appeared to scroll through the Telegram contacts of one Kenyan strategist who was working for Ruto at the time.
Hanan then demonstrated how access to Telegram could be manipulated to sow mischief.
Typing the words “hello how are you dear”, Hanan appeared to send a message from the Kenyan strategist’s account to one of their contacts. “I’m not just watching,” Hanan boasted, before explaining how manipulating the messaging app to send messages could be used to create chaos in a rival’s election campaign.
“One of the biggest thing is to put sticks between the right people, you understand,” he said. “And I can write him what I think about his wife, or what I think about his last speech, or I can tell him that I promised him to be my next chief of staff, OK?”
Hanan then showed how – once the message had been read – he could “delete” it to cover his tracks. But when Hanan repeated that trick, hacking into the Telegram account of the second close adviser to Ruto, he made a mistake.
After sending an innocuous Telegram message consisting only of the number “11” to one of the hacking victim’s contacts, he failed to properly delete it.
A reporter in the consortium was later able to track down the recipient of that message and was granted permission to check the person’s phone. The “11” message was still visible on their Telegram account, providing evidence that Team Jorge’s infiltration of the account was genuine.
Hanan suggested to the undercover reporters that some of his hacking methods exploited vulnerabilities in the global signalling telecoms system, SS7, which for decades has been regarded by experts as a weak spot in the telecoms network.
Google, which runs the Gmail service, declined to comment. Telegram said “the problem of SS7 vulnerabilities” was widely known and “not unique to Telegram”. They added: “Accounts on any massively popular social media network or messaging app can be vulnerable to hacking or impersonation unless users follow security recommendations and take proper precautions to keep their accounts secure.”
Hanan did not respond to detailed requests for comment, claiming that he needed “approval” from an unspecified authority before doing so. However, he added: “To be clear, I deny any wrongdoing.”
Zohar Hanan, his brother and business partner, added: “I have been working all my life according to the law!”