Report links Indian company to spyware that targeted Togolese activist
Image: Sigmund
Andrea Peterson October 7, 2021

Report links Indian company to spyware that targeted Togolese activist

Andrea Peterson

October 7, 2021

Report links Indian company to spyware that targeted Togolese activist

A new report from Amnesty International links an Indian cybersecurity firm called Innefu Labs to spyware used to target an unidentified “prominent human rights defender” in Togo. 

The Togolese activist was targeted with the spyware that previous reports have linked to the Donot Team in late 2019 and early 2020—a particularly contentious political period in the country, according to the report. The attackers tried to use both Android and Windows spyware to compromise the person’s devices, but were unsuccessful, the report said. 

Donot Team is the name used by researchers to identify threat actors first reported and linked to incidents in South Asia by Netscout research published in 2018. Amnesty International’s report says it has “observed additional evidence of Donot Team attacks against organizations and individuals across Asia, mostly concentrated in the north of India, Pakistan and Kashmir.”

Amnesty International doesn’t claim Innefu Labs was directly involved in targeting the activist, but rather that digital forensics uncovered links, including IP addresses, that connect the company to the tools used to target the person.

“The technical evidence suggests that Innefu Labs is involved in the development or deployment of some Donot Team spyware tools,” according to the report. 

Innefu Labs denied any connection to the attacks according to correspondence included in the report. “We firmly deny the existence of any link whatsoever between Innefu Labs and the spyware tools associated with the ‘Donot Team’ group and the attacks against a Human Rights Defender in Togo,” the company wrote in a message dated October 1.

Innefu Labs did not immediately respond to a request for comment. 

Amnesty International and other human rights groups have long criticized the rise of off-the-shelf surveillance tools that have been used by repressive regimes to target activists and journalists. 

“Across the world, cyber-mercenaries are unscrupulously cashing in on the unlawful surveillance of human rights defenders,” said Danna Ingleton, Deputy Director of Amnesty Tech said in a statement about the latest research.

Andrea (they/them) is senior policy correspondent at The Record and a longtime cybersecurity journalist who cut their teeth covering technology policy ThinkProgress (RIP), then The Washington Post from 2013 through 2016, before doing deep dive public records investigations at the Project on Government Oversight and American Oversight. Their work has also been published at Slate, Politico, The Daily Beast, Ars Technica, Protocol, and other outlets. Peterson also produces independent creative projects under their Plain Great Productions brand and can generally be found online as kansasalps.