Ecuador Internacional

APNewsBreak: Email leak suggests Ecuador spied on opposition

AP - Frank Bajak 06/08/2015

Foto: AP

Foto: AP

LIMA, Peru (AP) — Ecuadorean opposition activist Dr. Carlos Figueroa was being pursued by the state when his email and Facebook accounts were hacked. Several dozen of his colleagues have similarly had their digital lives violated. All blamed President Rafael Correa's government, but no one had proof.

The Associated Press has found compelling evidence that Figueroa was indeed hacked by Ecuador's domestic intelligence agency, with software tailor-made by an Italy-based company called Hacking Team that outfits governments with digital break-in tools.

That would tag Figueroa as the first publicly identified target from a catalog of more than 1 million company emails stolen by an unknown hacker and leaked online last month.

AP's finding also casts doubt both on Hacking Team's claims that its intrusion tools, which intercept phone calls, collect emails and record keystrokes, are for use against serious criminals, not dissidents, and on assertions by Ecuadorean officials that they do not spy on domestic opponents.

The purloined Hacking Team emails have thrown back the curtain on state-sponsored hacking across the world, drawing outrage in South Korea — where a spy caught up in the scandal killed himself — and Cyprus, whose intelligence chief resigned following the disclosures.

They were gathered and made easily searchable online by WikiLeaks, the secret-spilling website whose founder Julian Assange has been holed up in Ecuador's London embassy since 2012.

Evidence that Ecuador's spies hacked Figueroa are in a series of emails exchanged between its SENAIN domestic intelligence agency and Hacking Team shortly after Figueroa was convicted of criminal libel in March 2014 and sentenced to six months in prison for allegations he made about Correa's actions during a 2010 police revolt. Figueroa had skipped the court appearance, considering the verdict a foregone conclusion, and was in hiding.

The emails show that SENAIN employee Luis Solis sent a flurry of requests to Hacking Team for booby-trapped Microsoft Office documents and malicious links — so many that customer support engineer Bruno Muschitiello suggested Solis ease up. "The target may suspect something," Muschitiello wrote on April 11, 2014.

The target isn't named explicitly, but Solis dropped hints as he struggled with the digital burglary technology. The biggest clue was a phony invitation to a medical conference that he apparently created. The first 14 characters of the target's email address are visible in a screenshot he sent to Muschitiello. It reads "dr.carlosfigue.," a near match for the "dr.carlosfigueroa" address Figueroa was using at the time.

On May 5, Solis sent Muschitiello a screenshot of his control panel displaying 13 infected devices. One is named "MobilFigueroa" — "Figueroa's cellphone."

Read more here

Fuente Original