Posts Tagged ‘TELEGRAM’

Paris gunman who killed police officer known to security forces — Spent 15 years in prison for shooting officers — On watch list after recent arrest — Informants last month said he was ‘seeking to obtain weapons to kill policemen’

April 21, 2017

.

Image may contain: one or more people, tree and outdoor

.

Paris Police secure the Champs-Elysees after one police officer was killed and another wounded in a shooting in Paris, France, April 20, 2017. REUTERS – Christian Hartmann

French security services are today facing troubling questions as to how they failed to prevent an ISIS gunman from slaughtering one policeman and wounding two other officers when he was already on a terror watch list.

Champs-Elysees killer Karim Cheurfi had been detained only last month, it has emerged, after informants said he was ‘seeking to obtain weapons to kill policemen’.

But the 39-year-old, who used the war name ‘Abu Yousuf the Belgian’, had to be released because anti-terror police did not have enough evidence to hold him.

The homegrown fanatic, who officials confirmed was a French national despite his nickname, had also been released early from prison – where it is thought he was radicalised – having been jailed for 20 years in 2005 for trying to kill two policemen.

Cheurfi opened fire five times with a .38 revolver following a car chase in 2001, leaving the officers and a third victim wounded.

He had fled on foot before the driver of the other car and the passenger – a trainee police officer – caught up with him. He fired twice, seriously wounding both men in the chest. All three survived the attack in Roissy-en-Brie, in the Seine-et-Marne department of northern France.

Cheurfi was arrested and placed in custody under a false name. Two days later he seriously injured an officer who was taking him out of his cell, seizing his weapon and firing several times.

Two French officials said this morning that Cheurfi was detained in February for threatening police before being freed, although a warrant for his arrest is dated March 6.

Scroll down for video 

The killer was known to security services in France, according to reports this evening

The killer was known to security services in France, according to reports this evening

One police officer was shot dead and two more seriously injured by a gunman carrying a Kalashnikov in Paris this evening

One police officer was shot dead and two more seriously injured by a gunman carrying a Kalashnikov in Paris this evening

.

Pierre-Henry Brandet, spokesman for France's Interior Ministry, confirmed that one police officer was dead and two seriously wounded following the 'targeted attack'

Pierre-Henry Brandet, spokesman for France’s Interior Ministry, confirmed that one police officer was dead and two seriously wounded following the ‘targeted attack’

The arrest warrant issued for Cheurfi before he was detained at the beginning of last month

The arrest warrant issued for Cheurfi before he was detained at the beginning of last month

The ISIS killer is believed to have been released in 2016 following the triple assassination attempt, at a time when he was known for drug offences, car theft and robbery.

Despite having the nickname ‘Abu Yousuf the Belgian’, Cheurfi was a French national, Belgian interior minister Jan Jambon told public broadcaster VRT.

It has been claimed Cheurfi was making dark threats on messaging app Telegram before launching his attack on the Champs Elysees in Paris last night.

ISIS has claimed responsibility for the atrocity, which was carried out with a Kalashnikov weapon. A female foreign terrorist was also injured when a bullet ricocheted off the police car before Cheurfi was shot dead.

The fatal incident unfolded as presidential candidates, including National Front party leader Marine Le Pen, debated on a TV show nearby before Sunday’s election.

French President Francois Hollande said he was convinced it was a terrorist attack, adding that he would hold a security cabinet meeting this morning.

The French-born killer lived in Chelles, a commuter town close to Paris in the Seine-et-Marne department.

In 2003 he was sentenced to 20 years inside a high security prison following the attacks in Roissy-en-Brie, also in Seine-et-Marne.

But he was let out early following an appeal ruling, giving him the freedom to carry out tonight’s attack.

Gunshot-like noise forces BBC crew in Paris to run off the street

WHAT IS TELEGRAM? THE APP ALLEGEDLY USED BY KILLER

The app makers have boasted of security settings which keep messages safe from 'snoopers'

The app makers have boasted of security settings which keep messages safe from ‘snoopers’

Telegram is a messaging app which focuses on speed and security, according to its makers.

It allows users to send messages, photos, videos and files to groups of up to 5,000 and broadcast to unlimited audiences.

A statement on Telegram’s website about security says: ‘Big internet companies like Facebook or Google have effectively hijacked the privacy discourse in the recent years.

‘Their marketers managed to convince the public that the most important things about privacy are superficial tools that allow hiding your public posts or your profile pictures from the people around you. Adding these superficial tools enables companies to calm down the public and change nothing in how they are turning over private data to marketers and other third parties.

‘At Telegram we think that the two most important components of Internet privacy should be instead:

  • Protecting your private conversations from snooping third parties, such as officials, employers, etc
  • Protecting your personal data from third parties, such as marketers, advertisers, etc

‘This is what everybody should care about, and these are some of our top priorities. Telegram’s aim is to create a truly free messenger, without the usual caveats. This means that instead of diverting public attention with low-impact settings, we can afford to focus on the real privacy issues that exist in the modern world.’

Cheurfi was the registered keeper of the grey Audi used in last night’s attack. A raid on his home later found guns and ammunition, intelligence sources said.

He had targeted a parked patrol car full of traffic control officers working to the Paris prefecture.

The officer killed was at the wheel and was having an evening snack at the time of his death.

French television network BFMTV reports that Cheurfi had used the Telegram internet messaging service, which extremists have previously been claimed to favour because of its encryption.

Police are searching the home of the shooter in eastern Paris, and following the attack French presidential candidate Francois Fillon has called for the election campaign to be suspended.

Pierre-Henry Brandet, spokesman for France’s Interior Ministry, confirmed that one police officer was dead and two seriously wounded following the ‘targeted attack’.

He said a ‘car pulled up just after 9pm’ next to a police patrol car which was parked up on the busy avenue.

Police search the car reportedly used in Paris attack

Intelligence sources said the dead assailant was a known radical on a so-called S-file, for 'State-security'

Intelligence sources said the dead assailant was a known radical on a so-called S-file, for ‘State-security’

Police officers searched the home of the suspected gunman in east Paris following the attack in the capital on Thursday 

Police officers searched the home of the suspected gunman in east Paris following the attack in the capital on Thursday

Officers searched the home of the suspected gunman on Thursday evening after they travelled to his home in the east part of the capital 

Officers searched the home of the suspected gunman on Thursday evening after they travelled to his home in the east part of the capital

A man jumped out with a weapon and started firing indiscriminately into the police vehicle, hitting the unidentified officer who died directly in the head.

The assailant then ran off, pursued by other officers. Two of them were wounded as they killed him.

Mr Brandet said ‘all lines of investigation were being pursued’, while intelligence sources said the dead assailant was a known radical on a so-called S-file, for ‘State-security’.

This means he would have been under surveillance, because he was a known risk to the country.

Mr Brandet later said a possible accomplice had turned himself over to Belgian police, but it was ‘too early to say’ if he had played a significant part in the attack.

President Hollande, speaking from the Elysee palace close to the scene of the shooting, said: ‘A national tribute will be paid to this policeman who was killed in such a cowardly way.

‘A passerby was hit. The assailant was neutralised by other police officers. The entire area has been cordoned off. The people present have been evacuated.’

Read more: http://www.dailymail.co.uk/news/article-4430542/Paris-killer-talked-wanting-kill-Telegram.html#ixzz4esXKdx3z
Follow us: @MailOnline on Twitter | DailyMail on Facebook

Updated 9:35 PM ET, Thu April 20, 2017

Paris (CNN)  A man who killed a police officer on the Champs-Elysees Thursday night was known to French security services for radical Islamist activities and had shot and wounded an officer in the past, a source close to the investigation told CNN.

The suspect, who was shot dead by French police, was the subject of a “Fiche S” surveillance file and was on the radar of the French domestic security service DGSI, the source said.
.
The man was a French national who shot two officers in 2001 after being stopped by a police car, the source said. He was taken into custody but while being questioned grabbed another officer’s gun and shot him three times, the source said. He was convicted in that attack and had a criminal record because of involvement in violent robberies, the source said.
The source said French investigators now believe this was in all likelihood a terrorist attack. They believe there was just one attacker, and the danger is likely over, the source said.
.
ISIS issued a statement saying an Islamic State “fighter” carried out the attack. The ISIS claim comes via a statement released by the group’s media wing, Amaq. The ISIS statement identified the attacker and called him “the Belgian.” CNN has not confirmed the attacker’s association with Belgium.
.
Paris Prosecutor Francois Molins said he will reveal the shooter’s identity on Friday at a news conference. He said officers are searching the man’s residence in Chelles, Seine-et-Marne, a Paris suburb, and are trying to determine if he had accomplices.
.
The shooting has not officially been declared a terrorist act but anti-terrorist forces are leading the investigation, French President Francois Hollande said.
.
“The people who were present have been evacuated and we are convinced that the leads which point us to this case, and which will allow us to uncover the truth, are of a terrorist nature,” he said.

Elections on Sunday

The shooting happened about 9 p.m. local time (3 p.m. ET) when a car stopped at 102 Champs-Elysees in front of a police van, Interior Ministry spokesman Pierre Henry Brandet said.
.
A man emerged from the car and opened fire on the van with an “automatic weapon,” killing one officer instantly, he said. The man “then ran away, managing to shoot and wound two other policemen. Other policemen engaged and shot and killed the attacker,” Brandet said.
.
The slain officer was 30 years old, Molin said. One of the wounded officers was critically injured but is improving, he said. Also wounded was a female tourist.
.
The shooting shut down the famed Champs-Elysees, one of Paris’ top tourist attractions and home to the iconic Arc de Triomphe monument. The avenue was clear of residents and tourists but teeming with security officers Thursday night.
.
It comes three days before French voters start elections for a new president. Candidates went ahead with a debate Thursday night.
.
France has been in a state of emergency since the 2015 Paris attacks, which left 130 people dead. Parliament voted in December to extend the extraordinary provisions to ensure the protection of upcoming presidential and general elections.
.
Security has been tight because of the vote. Just two days ago French authorities arrested two men in Marseille who were allegedly planning an attack in a run-up to the election.
.

Police officers block access to the Champs-Elysees.

At least three underground train stations of the Paris Metro — the Champs-Elysees-Clemenceau, George V and F. Roosevelt stations — have been “closed off” near the site of the police operation on the Champs-Elysees in Paris, BFMTV reported.

Trump: ‘What can you say?’

Paris resident Daoud Kal, 29, said he was walking in the area near a metro station when he heard four to five shots. He looked around, but couldn’t identify where the shots were coming from. People panicked and ran away from the scene and he joined them.
.
The CNN Paris bureau is on this street and staffers reported hearing a dozen shots. At least 20 police vehicles were seen on the street.
Officers could be seen forcibly removing innocent citizens from the area as they attempted to get them to safety.
.
President Donald Trump, speaking at a news conference in Washington with the visiting Italian Prime Minister, offered condolences to the people of France after the shooting, saying it “looks like another terrorist attack.”
.
“What can you say? It never ends,” the President said.
.
The Champs-Elysees is a main road lined with restaurants, cafes, exclusive designer boutiques and tourist shops. At one end is the Arc de Triomphe, surrounded by a several-lane-wide roundabout, and the other end stops at the Place de la Concorde, known for its obelisk monument.
.
The presidential palace, the Elysee, is a few blocks away.
.
French police tweeted, “Police intervention underway in the area of the #ChampsElysees avoid the sector and follow the instructions of the police forces.”

French candidates respond

The US State Department put out a cautionary tweet, saying: “If you’re in #Paris, monitor local news. #ChampsElysees has been closed. Authorities are telling people to avoid the area after a shooting.”

One police officer was killed in a shooting on the Champs-Elysees.

The shooting comes three days before French general elections and Paris was already in a state of heightened alert. French politicians immediately reacted on social media.
.
.
French far-right presidential candidate Marine Le Pen tweeted, “My emotions and solidarity for the police, once again targeted.”
.
Conservative French presidential hopeful Francois Fillon tweeted, “Paying homage to police who give their lives to protect ours, #ChampsElysees.”
.
Prime Minister Bernard Cazeneuve tweeted: “Paying homage to the policeman killed on the champs elysees. Thoughts are with his family. Solidarity with his injured colleagues and those close to them.”
.
Former French President Nicolas Sarkozy tweeted: “To our law enforcement: support, strength, courage. They are paying again a heavy price. Our Nation’s tribute must be total NS”
.
Paris Mayor Anne Hidalgo tweeted: “We won’t give up, not bow and remain united facing these odious and insidious threats that weigh on our cities.”
.
She also extended a message of solidarity and thanks to the retailers on the Champs-Elysees who gave people shelter during the attack.
.
This developing story has been updated to clarify details about the attacker’s nationality.
.

http://www.cnn.com/2017/04/20/europe/champs-elyses-in-paris-closed/

Iran blocks Telegram app voice calls: state media

April 19, 2017

AFP

© AFP/File | The blockage of Telegram voice calls in Iran follows the arrest last month of 12 people who ran popular reformist channels on the messenger app

TEHRAN (AFP) – 

Iran’s judiciary has blocked newly introduced voice calls on Telegram, the most popular messaging app in the country, state media reported on Wednesday.

The blockage follows the arrest last month of 12 people who ran popular reformist channels on Telegram, ahead of a presidential election next month.

It was not clear if the blockage of voice calls, which Telegram introduced worldwide last week, was political or designed to protect the commercial interests of domestic phone companies.

“We gave the authorisation for the establishment of Telegram’s voice call service on Friday… but it was blocked by a judicial order,” Telecommunications Minister Mahmoud Vaezi told reformist newspaper Shargh.

“You should ask the judiciary for the reason.”

Last month, the conservative-dominated judiciary blocked the online navigation app Waze because it was designed in Israel, which Iran does not recognise.

Telegram CEO Pavel Durov confirmed the blocking of voice calls.

“In Iran, where Telegram has some 40 million active users, Telegram voice calls have been completely blocked by the country’s internet providers and mobile operators following an order from the judiciary,” he wrote on his official channel.

“Telegram has historically had problems with regulators in some parts of the world because, unlike other services, we consistently defended our users’ privacy and have never made any deals with governments.”

Iranian officials have previously said there were around 20 million Telegram users in the country, which has a population of some 80 million.

As well as a messaging tool, Telegram has become the leading source of news for many Iranians, with some channels boasting more than a million subscribers.

The judiciary said the 12 Telegram channel operators were arrested on security and obscenity grounds.

“Some of these people have been arrested on national security charges and some… for committing crimes against public decency and publishing obscene content,” deputy judiciary chief Gholamhossein Mohseni Ejeie told the Mizan Online news agency last week.

Moderate President Hassan Rouhani, who will stand for a second term in the May 19 election, has criticised the arrests but has little power over the judiciary.

Websites such as YouTube, Twitter and Facebook are blocked in Iran, but users exploit widely available privacy software to access them.

2 teenage girls held on suspicion of plotting French terror attack

April 1, 2017

AFP

© AFP/File | Several girls have been among a swathe of teenagers arrested in recent anti-terror swoops in France on suspicion either of plotting attacks or having contact with Islamic State members or sympathisers
NICE (FRANCE) (AFP) – Two teenage girls were arrested Saturday in southern France on suspicion of plotting a terror attack, a judicial source said.

The pair, aged 14 and 15, were taken in for questioning by the anti-terrorism prosecution service after a search of both girls’ homes turned up evidence suggesting they could have been planning an attack, a judicial source said.

“At this stage we do not know how far advanced the preparations were,” a source close to the inquiry told AFP, adding no weapons had been found.

Several girls have been among a swathe of teenagers arrested in recent anti-terror swoops in France on suspicion either of plotting attacks or having contact with Islamic State members or sympathisers.

The country remains in a state of emergency after suffering a spate of deadly jihadist attacks over the past two years.

Three teenage girls were arrested in late February on suspicion they had chatted on Telegram, an encrypted instant messaging platform used by French jihadi Rachid Kassim to call for attacks on France.

An anti-terrorism judge in Paris charged the trio last month.

WikiLeaks reveals CIA secrets — including the ability to bypass the encryption of popular messenger applications

March 8, 2017

WikiLeaks said the documents show the CIA’s ability to bypass the encryption of popular messenger applications. Shown, the agency’s headquarters in McLean, Va.

WikiLeaks said the documents show the CIA’s ability to bypass the encryption of popular messenger applications. Shown, the agency’s headquarters in McLean, Va. PHOTO: JIM LO SCALZO/EUROPEAN PRESSPHOTO AGENCY
  • WikiLeaks published 8,761 documents and files claiming to be from the CIA’s Center for Cyber Intelligence on Tuesday
  • Leak details information on how CIA-developed malware can target iPhones, Android phones and smart TVs
  • WikiLeaks alleges some remote hacking programs can turn electronic devices into recording and transmitting stations to spy on targets
  • Documents also claims the CIA can bypass encryption of Whatsapp, Signal, Telegram, Wiebo, Confide and Cloakman by hacking smartphones
  • CIA investigated hacking control systems in cars and trucks, which would allow agency to engage in nearly undetectable assassinations 

WikiLeaks has published thousands of documents claiming to reveal top CIA hacking secrets, including the agency’s ability to infiltrate encrypted apps like Whatsapp, break into smart TVs and phones and program self-driving cars.

WikiLeaks said the files released on Tuesday – mysteriously dubbed ‘ Vault 7’ – are the most comprehensive release of U.S. spying files ever made public.

The leak purportedly includes 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina.

It details intelligence information on CIA-developed software intended to hack iPhones, Android phones, smart TVs and Microsoft, Mac and Linux operating systems.

WikiLeaks alleges that some of the remote hacking programs can turn these electronic devices into recording and transmitting stations to spy on their targets.

It also claims the CIA can bypass the encryption of Whatsapp, Signal, Telegram, Wiebo, Confide and Cloakman by hacking the smart phones the applications run on.

The CIA was also looking at hacking the vehicle control systems used in modern cars and trucks, WikiLeaks claims.

Scroll down for video 

WikiLeaks, founded by Julian Assange, has published thousands of documents that it says come from the CIA's Center for Cyber Intelligence

WikiLeaks, founded by Julian Assange, has published thousands of documents that it says come from the CIA’s Center for Cyber Intelligence

Wikileaks dumps information claiming proof of CIA hacking

According to a document in 2014, CIA’s Embedded Devices Branch met to discuss malware that could infect vehicle systems.

‘The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations,’ WikiLeaks said.

The documents could not immediately be authenticated, but WikiLeaks has a long track record of releasing top secret government documents. A spokesman for the CIA would not comment.

WikiLeaks, which had been dropping cryptic hints about the release for a month, said in a lengthy statement that the CIA had ‘recently’ lost control of a massive arsenal of CIA hacking tools as well as associated documentation.

The organization said that ‘the archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner’ and that one of them ‘provided WikiLeaks with portions of the archive.’

They said the archive of files – referred to as Year Zero – introduces the scope of the CIA’s global covert hacking program and includes software that could allow people to take control of consumer electronic products.

The documents cover a range of topics, including what appeared to be a discussion about how to compromise smart televisions and turn them into improvised surveillance devices.

The alleged program called ‘Weeping Angel’ is said to have been developed in conjunction with the British spy agency MI5 and allows them to hack a Samsung smart TV when it is seemingly switched off.

‘After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on,’ the files say, according to WikiLeaks.

‘In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.’

The files detail intelligence information on CIA-developed software intended to hack iPhones, Android phones, smart TVs and Microsoft, Mac and Linux operating systems

The files detail intelligence information on CIA-developed software intended to hack iPhones, Android phones, smart TVs and Microsoft, Mac and Linux operating systems

WikiLeaks said the leaked data also included details on the agency’s efforts to subvert American software products and smartphones, including Apple’s iPhone, Google’s Android and Microsoft’s Windows.

The files claim the CIA  had developed numerous attacks to remotely hack and control popular smart phones.

‘Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone,’ the files state.

‘A similar unit targets Google’s Android which is used to run the majority of the world’s smart phones including Samsung, HTC and Sony.’

According to WikiLeaks, the CIA knew about several flaws in software made by Apple, Google, Samsung and others but didn’t tell the companies about them.

Disclosing such vulnerabilities is supposed to be common practice so companies could fix them before hackers use them. But WikiLeaks says the CIA kept knowledge of the vulnerabilities to itself for use in bypassing the encryption on apps such as WhatsApp, Signal, Telegram and Confide.

WikiLeaks says the CIA had two dozen such undisclosed vulnerabilities for Android gadgets alone.

A ‘substantial library’ of digital espionage techniques borrowed from Russia and other countries is in the data as well, WikiLeaks said.

WikiLeaks claims each technique the CIA has created ‘forms a “fingerprint” that can be used by forensic investigators to attribute multiple different attacks to the same entity’.

‘The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.

‘With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.’

WikiLeaks said it redacted the names of CIA officers and avoided publishing damaging details of cyber weapons.

They said they will refrain from doing do ‘until a consensus emerges on the technical and political nature of the CIA’s program and how such ‘weapons’ should analyzed, disarmed and published.’

The files also reveal that in addition to its operations in Virginia, the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.

The leak purportedly includes 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina (above)

The leak purportedly includes 8,761 documents and files from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virgina (above)

WikiLeaks said in a lengthy statement that the files, mysteriously dubbed ' Vault 7', are the most comprehensive release of U.S. spying files ever made public

WikiLeaks said in a lengthy statement that the files, mysteriously dubbed ‘ Vault 7’, are the most comprehensive release of U.S. spying files ever made public

Wikileaks said the release of confidential documents on the agency already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

Experts who’ve started to sift through the material said it appeared legitimate – and that the release was almost certain to shake the CIA.

If it did prove legitimate, the dump would represent yet another catastrophic breach for the U.S. intelligence community at the hands of WikiLeaks and its allies, which have repeatedly humbled Washington with the mass release of classified material.

Jake Williams, a security expert with Augusta, Georgia-based Rendition Infosec, has experience dealing with government hackers. He said that the voluminous files’ extensive references to operation security meant they were almost certainly government-backed.

‘I can’t fathom anyone fabricated that amount of operational security concern,’ he said. ‘It rings true to me.’

‘The only people who are having that conversation are people who are engaging in nation-state-level hacking.’

Bob Ayers, a retired U.S. intelligence official currently working as a security analyst, agreed, saying that the release was ‘real bad’ for the agency.

Ayers noted that WikiLeaks has promised to release more CIA documents, saying Tuesday’s publication was just ‘the first full part of the series.’

‘The damage right now is relatively high-level,’ he said. ‘(But) the potential for really detailed damage will come in the following releases.’

Read more: http://www.dailymail.co.uk/news/article-4289942/WikiLeaks-publish-1000s-says-CIA-documents.html#ixzz4ajHmjHHE
Follow us: @MailOnline on Twitter | DailyMail on Facebook

U.S. Government Can Spy on Just About Anyone Via The Cell Phone or TV — WikiLeaks

March 7, 2017

No automatic alt text available.

By March 7, 2017 10:59 AM PST

WikiLeaks says it’s released thousands of documents showing the CIA’s secret hacking tools that the agency can use to break into our phones, cars, computers and smart TVs.

The organization, which has published everythin from US diplomatic cables to Hillary Clinton’s campaign chairman’s emails, posted the documents Tuesday. The documents could potentially reveal the agency’s most important hacking techniques used to penetrate systems around the world. CNET is unable to verify if the documents are real or have been altered.

“We do not comment on the authenticity or content of purported intelligence documents,” CIA spokesman Jonathan Liu said in an email.

If true, the leaks provide a glimpse into just how much access the CIA has into your life — thanks to the gadgets that you carry around all day. The magnitude of the hacking tools are jaw-dropping; the documents suggest the agency was able to break into the underlying operating systems running iPhones, Android phones and Windows and Linux computers. That meant that it had access to data stored on the device, and even encrypted messages sent through popular services like WhatsApp, Signal and Telegram.

WikiLeaks has a long track record of releasing top secret government documents, and experts who’ve started to sift through the material said it appears legitimate, CBS News reported. Yet it’s unclear whether these programs are still running or whether they affect the latest versions of each operating system.

These leaks come after more than a year of debate over government investigators accessing consumer devices. Frustrated at not being able to access encrypted information — which is scrambled and unreadable without a password — the government can purchase or develop its own hacking tools that get around encryption by unlocking devices.

This debate took off when the US Department of Justice sought to require Apple to help it open an encrypted iPhone belonging to one of the San Bernardino shooters. After Apple fought back in court, the FBI said it had obtained another way to access the phone.

If the CIA could break into a phone’s operating system, it wouldn’t have to break the encryption, but rather gain the same access to messages that a regular user would have when unlocking their phone or computer.

Apple, Google and Motorola declined to comment on WikiLeaks’ claims. Samsung didn’t respond to a request for comment.

“We’re aware of the report and are looking into it,” a Microsoft spokesman said in an email.

WhatsApp declined to comment. Signal parent Open Whisper Systems didn’t immediately respond to requests for comment. Telegram said on its website that the problem lies with operating systems and not encrypted messaging apps and that naming specific encrypted services is “misleading.”

Edward Snowden, the former NSA contractor who leaked documents detailing NSA spy programs to journalists in 2013, wrote about the WikiLeaks documents Tuesday on Twitter. He said hacking the operating system is actually “worse” than hacking encrypted messaging services like WhatsApp.

PSA: This incorrectly implies CIA hacked these apps / encryption. But the docs show iOS/Android are what got hacked – a much bigger problem. https://twitter.com/wikileaks/status/839120909625606152 

The hacking tools described by WikiLeaks go beyond merely opening encrypted devices. The WikiLeaks press release says the documents show the CIA developed tools to turn Smart TVs into listening devices with a tool called “Weeping Angel,” and sought to find ways to hack the control systems in internet-connected cars. Like something out of a spy movie, other colorful codenames include “Brutal Kangaroo,” a system to hide data images, or “Hammer Drill,” which infects software distributed on CDs or DVDs.

WikiLeaks said the CIA had also “hoarded” vulnerabilities in the software run by tech giants like Apple and Microsoft, staying quiet about exploits so the agency could retain backdoor access.

WikiLeaks claims the leaks come from a high-security CIA network in Langley, Virginia. The US spy agency appears to have targeted computers, phones and smart TVs, according to CBS News.

WikiLeaks said in a tweet that the CIA showed “negligence” in not protecting the very information it was publishing.

CIA negligence sees it losing control of all cyber weapons arsenal sparking serious proliferation concerns https://wikileaks.org/ciav7p1/#PRESS 

First published March 7, 2017 at 10:04 a.m. PT

Update, 10:59: Adds comment from Microsoft, commentary from Edward Snowden and background information, and notes that WhatsApp declined to comment. 11:32 a.m.: Notes that Motorola declined to comment and that Open Whisper Systems didn’t immediately respond to requests for comment, and adds comment from Telegram and more details from leaks.

CNET Magazine: Check out a sampling of the stories you’ll find in CNET’s newsstand edition.

Life, disrupted: In Europe, millions of refugees are still searching for a safe place to settle. Tech should be part of the solution. But is it? CNET investigates.

Related:

 

Protecting Your Internet Presence in the Age of Donald Trump

December 1, 2016

NBC News

He starts petty fights on Twitter, he’s cool with Vladimir Putin, and when he takes the oath of office on January 20, President Donald J. Trump will assume control of the most advanced internet surveillance system the world knows about.

The relationship between politics and technology is increasingly volatile, dynamic, and important. President-Elect Trump’s perspectives betray severe misunderstandings of that relationship. In calling for an Apple boycott while the company resisted FBI efforts to break encryption on a phone belonging to one of the San Bernardino shooters, Trump outed himself as an enemy of the fundamental technology that makes it possible to securely transmit information online. From a 2015 debate stage, he suggested “closing the internet up” as a means to fight radical Islam, which is as impractical as it is impossible and hyperbolic.

A supporter photographs Republican U.S. Presidential nominee Donald Trump during a campaign event at Briar Woods High School in Ashburn
A supporter photographs Republican U.S. Presidential nominee Donald Trump during a campaign event at Briar Woods High School in Ashburn, Virginia, on Aug. 2. Eric Thayer / Reuters

Far from outlining specific technology directives beyond a soundbyte, or offering any other consistent policy,the Trump administration-to-come should raise anxious question marks about one’s personal information security. In 2013, notorious NSA whistleblower Edward Snowden acted through a series of journalists to expose secretive government programs with names like PRISM and XKeyscore, making it plain to the world that the U.S. government had significant means to spy on its citizens’ internet and phone activity. Snowden’s politics-rattling revelations helped elevate conversations about formerly niche tech topics like encryption, but according to one tech professional, there’s still work to be done to make the masses care.

Related: Will the Future of Tech Be a ‘Disaster’ Under Trump?

“Security is not an app you can download,” says Dan Guido, CEO of New York-based cybersecurity research firm Trail of Bits, whose client list runs from Facebook to DARPA. “Keeping yourself safe on the internet means thinking about what you’re keeping yourself safe from.” Guido’s cheeky suggestion to those seeking to make their online activity completely invisible to third parties: Give up the internet altogether.

“It’s hardest to steal data that does not exist,” he says. “If you can’t tolerate having it stolen or snooped on, then don’t use a computer or phone to send it.”

NSA Protest
NSA surveillance protesters, organized by the “Stop Watching Us” coalition, march from Union Station to the U.S. Capitol on Saturday, Oct. 26, 2013, to voice opposition to government’s surveillance of online activity and phone calls. Bill Clark / CQ-Roll Call,Inc.

There are still seats to fill in Trump’s cabinet, and several high-profile names are rumored for Director of National Intelligence, including former NYC mayor Rudy Giuliani and CNN national security commentator Mike Rogers. One of the strongest candidates might be a different Mike Rogers, the Navy admiral and current director of the National Security Agency — the same federal arm Snowden shook up by exposing its domestic spying program.

Depending on your political attitudes, you may not be agreeable to the notion of your internet activity being easily monitored, whether it’s by a garden variety hacker in search of credit card numbers, or your own government seeking information to foil a terrorist plot. For as long as there has been an internet, there have been people violating others’ privacy — it’s just that now, there are greater ramifications.

Whether your motivations are political or protective, it requires nothing less than the adoption of a new mindset if you want to meaningfully push back against those seeking to follow your internet footprints. We asked the experts for instruction on how to significantly close the security gap for John and Jane Internet-User. Here are their guidelines.

Use Messaging Apps Built on Strong Encryption

A variety of chat apps offer high-powered security features, like the Snowden-approved Signal and the government-riling Telegram.

Founded in 2013 by Russian entrepreneur Pavel Durov, Telegram has its roots in a project designed specifically to avoid government surveillance. When Durov’s former business VKontakte ruffled the Kremlin’s feathers in a significant way, he and his brother designed a system for undetectable communication.

Related: Could One Person Take Down the Internet?

“We developed Telegram as an encrypted communications tool in order to avoid eavesdropping by Russian security agencies while we were running the largest social networking service in Russia,” Durov says. “When we left Russia, we realized the problem of eavesdropping was global,” so they formalized the project and released it as a free app presently used around the world.

Use a Password Manager

Software like LastPass and 1Password can run as an extension in your web browser, automatically generating complex, symbol-filled keys sure to pass any security requirements. These solutions remember your passwords for you, then automatically fill them out and log you in when you visit the appropriate page later.

With one login into the manager, you never need to type another password. And as your password keystrokes are never actually generated by the user, they effectively don’t exist and are therefore incredibly difficult to steal. “I use 1Password,” Guido says, “but any reputable service will do as long as you use it consistently.”

The New Digital Commons Space At Martin Luther King, Jr Memorial Library
People use computers in the new Digital Commons space At Martin Luther King, Jr Memorial Library on Thursday, August 8, 2013, in Washington, DC. The Washington Post / The Washington Post/Getty Images

Use Two-Factor Authentication When Available

Google and other major platforms now make use of your cellphone number to enable an additional layer of security on your accounts. When Google texts you a security code after you log in on your computer, it’s confirming that you have both the password and the phone associated with the account.

A strong password is its own strong defense, but two-factor authentication makes your digital security barrier more physical. Consider the example of Wall Street Journal reporter Christopher Mims, who publicly shared his Twitter password a couple years ago. He emerged unscathed from the infosec stunt and retained control of his account, with his only saving grace being that he still possessed his smartphone.

“Two-factor authentication will keep your data safe even if you lose your password,” Guido says.

Decline Often

Location Services wants to know where you are. A webpage would like to initiate an unprompted download. These external requests execute locally on our devices because we grant them permission, so train yourself to be skeptical in going along with the dialogs that pop up on our devices and ask permission to carry out a process. Short of knowing exactly what that process is or asking for it yourself, the better answer is often no.

Durov suggests you “tap ‘Decline’ every time your mobile OS suggests you to opt in to something that is not 100 percent necessary.”

Have a Plan

How well-prepared are you if someone gains access to your bank account? Your email address? Your smart home? Skilled cyberthieves can steal your frequent flier miles, your health insurance, or open credit cards in your name. As more and more of the infrastructure we rely on to manage our daily lives moves to the internet, security compromises can have significant real-world impacts. The nature of what it means to “get hacked” is beginning to change.

Related: How Scientists Confirmed One of Einstein’s Controversial Theories

“For most people, getting hacked means resetting a password, getting mailed a new credit card, or another minor inconvenience,” Guido says. “I think people will care more when getting their information stolen or abused causes more harm. Consumer attitudes about security will likely shift as we see more inventive methods of abusing data.”

Keep Calm and Carry On

We won’t know what Trump’s technology policies are like until we’re living under his administration. Will things proceed as they always have? Or in an emotional rage, will he block Twitter, just as Russia blacklisted LinkedIn from its own internet earlier this month?

While it remains impossible for any single person to dismantle the internet or seriously change how it works, an exception is perhaps possible if that person is President of the United States.

http://www.nbcnews.com/mach/technology/protecting-your-internet-presence-age-donald-trump-n689826

Freedom House: Online Freedom Declines for Sixth Consecutive Year

November 14, 2016

AFP

© AFP/File | A recent report released by watchdog group Freedom House says 34 of the 65 countries assessed saw internet freedom deteriorate since June 2015

WASHINGTON (AFP) – Internet freedom declined for a sixth consecutive year in 2016 as governments around the world cracked down on social media and messaging applications used to express dissent, a watchdog group said Monday.

The Freedom on the Net report by the activist group Freedom House said a growing number of regimes are restricting or censoring messaging platforms such as WhatsApp in addition to popular social networks.

“Popular social media sites like Facebook and Twitter have been subject to growing censorship for several years, but governments are now increasingly going after messaging apps like WhatsApp and Telegram,” said Sanja Kelly, director of the study.

“Messaging apps are able to spread information quickly and securely — and some governments find this threatening.”

The report said 34 of the 65 countries assessed in the report saw internet freedom deteriorate since June 2015.

Some of the notable declines were in Uganda, Bangladesh, Cambodia, Ecuador, and Libya, while online freedom improved in Sri Lanka and Zambia and in the United States, due to the passage of a law limiting collection of telecommunications metadata.

Freedom House said 67 percent of internet users live in countries where criticism of the government, military, or ruling family is subject to censorship.

Governments in 24 countries limited or blocked access to social media and communication tools, up from 15 in the previous year.

Even some democratic governments have been targeting applications that use encryption features seen as a threat to national security. WhatsApp faced restrictions in 12 of the 65 countries analyzed, more than any other app.

“Although the blocking of these tools affects everyone, it has an especially harmful impact on human rights defenders, journalists, and marginalized communities who often depend on these apps to bypass government surveillance,” said Kelly.

China was the world’s worst offender for a second year, according to the report, followed by Syria and Iran.

Freedom House criticized a new Chinese law that allows for seven-year prison terms for spreading rumors on social media, a charge often used to imprison political activists.

It said some users in China belonging to minority religious groups were imprisoned for watching religious videos on mobile phones.

The report said authorities in 38 countries made arrests based on social media posts over the past year, an increase of more than 50 percent since 2013. Prison sentences imposed in some countries exceeded ten years. Some have been jailed for merely sharing or “liking” content on Facebook.

“When authorities sentence users to long prison terms for simply criticizing government policies online, almost everyone becomes much more reluctant to post anything that could get them in similar trouble,” Kelly said.

Partner in 1MDB-linked deals made over $5.6m — Living the high life on illegal loot

November 8, 2016

Photo: Reuters

FORMER head of agency distribution at NTUC Income Samuel Goh Sze Wei, a key prosecution witness in the trial of former BSI banker Yeo Jiawei, said yesterday that he received more than US$4 million (S$5.6 million) for his role as Yeo’s partner in kickback deals linked to scandal-hit state fund 1Malaysia Development Berhad (1MDB).

Mr Goh, who is now unemployed, was giving evidence on day five of the trial of Yeo.

The latter faces four counts of perverting the course of justice by allegedly urging witnesses to lie to the police while out on bail after he was arrested on March 17 in connection with money laundering.

The trial began last Monday.

The State Court heard last week that Yeo allegedly asked Mr Goh to set up a shell company to act as an intermediary between a fund management company that received payment from a 1MDB-linked shell company, Brazen Sky, and firms controlled by Yeo and Yeo’s then BSI supervisor Kevin Swampillai.

This shell company was Bridge Global Managers.

Mr Goh testified yesterday under cross examination by Yeo’s lawyer Philip Fong that he received half of the US$1.795 million made over two years by Bridgerock Investment, the firm controlled by Yeo.

According to prosecutors, Yeo had allegedly arranged for Bridgerock and GTB Investment, the firm controlled by Mr Swampillai, to receive a significant portion of referral fees for their own benefit.

These “secret profits” came in the form of a “referral fees” arrangement, in which a portion of the management fees paid by Brazen Sky to fund manager Bridge Partners Investment Management (Cayman) Ltd (BPIM), went to Bridge Global Managers before passing to the firms owned by Yeo and Mr Swampillai.

Mr Goh, 41, also testified that he received more than US$2.25 million from another deal involving Aabar Investments PJS, the main shareholder of Falcon Bank, the second bank shut down by Singapore regulators.

Singapore authorities had earlier said that the 1MDB fund flows being investigated included those linked to Aabar Investments PJS (BVI) and Aabar Investments PJS Ltd (Seychelles).

In addition, at least US$1.24 billion raised through a bond issue by a unit of 1MDB was allegedly transferred to a UBS bank account in Singapore held by Aabar Investments.

The money was meant for Abu Dhabi’s International Petroleum Investment Company (IPIC), but IPIC has denied ownership of Aabar Investments. The transfer was done through BSI Bank in Switzerland.

Mr Goh last Thursday told the court how Yeo was the one who first approached him in 2012 to look for a licensed fund manager for a fiduciary fund structure.

Mr Goh then referred fund manager BPIM to Swiss bank BSI, and said Yeo offered a cut to him.

– See more at: http://news.asiaone.com/news/business/partner-1mdb-linked-deals-made-over-56m#sthash.atSfckCz.dpuf

***************************

Ex-BSI banker involved in 1MDB lived jet-setting lifestyle, became more arrogant

Changes seen after the accused started working for Malaysian tycoon Jho Low, witness testifies

Former BSI banker Yeo Jiawei enjoyed a jet-setting lifestyle on super yachts and at luxury resorts after he left to work for controversial Malaysian tycoon Jho Low, a court heard yesterday.

An employee of financial firm Amicorp Group testified that Yeo – a key figure in an alleged money laundering operation linked to scandal-hit 1Malaysia Development Bhd (1MDB) – became a “consultant and adviser” to Mr Low and Mohamed Ahmed Badawy Al-Husseiny.

Al-Husseiny is a former high-level official of Abu Dhabi state fund International Petroleum Investment Co (IPIC).

Amicorp relationship manager Jose Renato Carvalho Pinto told the court Yeo’s relationship with Mr Low was so close that he travelled on his private jet and accompanied him on his luxury yacht Equanimity on a business trip to the Caribbean.

Equanimity

Yeo stayed at five-star beach-front resort Sandy Lane, one of the most luxurious hotels in Barbados, Mr Carvalho testified.

He also claimed Yeo arranged for Amicorp to pay invoices totalling US$1.36 million (S$1.9 million) for 27 tickets for Mr Low, Al-Husseiny and several other celebrities to the Manny Pacquiao boxing match at the MGM Grand in Las Vegas. The cheapest seat was US$30,000, while the most expensive was US$75,000, Mr Carvalho said.

He added Yeo also asked Amicorp to top up the Las Vegas casino membership cards of Mr Low and his close associate, Mr Eric Tan Kim Loong, by at least US$1 million each.

Mr Carvalho further testified that Yeo became “more arrogant and abrasive”, dismissively calling some associates, including Mr Samuel Goh Sze Wei, Mr Kelvin Ang and 1MDB chief financial officer Terence Geh, “working level” people.

Yeo faces four counts of obstructing justice by allegedly urging witnesses to lie to police and destroy evidence while out on bail after being arrested on March 17 in connection with money laundering.

Al-Husseiny, who is being investigated over offences under the Swiss Criminal Code, was chief executive of IPIC unit Aabar Investments and a former chairman of Falcon Bank, whose licence was withdrawn by the Monetary Authority of Singapore (MAS) last month.

One reason for Falcon’s shutdown was because its head office failed to guard against conflicts of interest when managing accounts of a customer linked with Al-Husseiny. The MAS said he misled Falcon’s Singapore branch into processing the customer’s “unusually large transactions” despite multiple red flags.

Mr Carvalho, who was testifying on the fifth day of the trial, said Amicorp was asked by Yeo to set up trusts and also to open bank accounts for several entities as well as for Mr Low and family members.

IPIC has denied ownership of Aabar BVI, to which 1MDB said it sent US$3.5 billion.

Yeo allegedly told Mr Carvalho that after leaving BSI, he would work as consultant to Aabar and Al- Husseiny and “collect a 5 per cent fee on every invoice to Aabar”.

Mr Carvalho also said Yeo claimed that he would be working for sovereign wealth funds that were part of a “highly confidential government-to-government arrangement involving Saudi Arabia and Malaysia”. Mr Carvalho learnt that these were 1MDB and SRC International, which was set up by Malaysian Prime Minister Najib Razak’s government.

“I thought Amicorp was cheated by Yeo because he created the story of a ‘g-to-g’ arrangement between countries so he can collect referral fees,” Mr Carvalho said.

Mr Samuel Goh, the former head of agency distribution at NTUC Income, testified yesterday that he received more than US$4 million for his role as Yeo’s partner in alleged kickback deals linked to 1MDB.

A version of this article appeared in the print edition of The Straits Times on November 08, 2016, with the headline ‘Ex-BSI banker ‘lived jet-setting lifestyle, became more arrogant”.

1MDB scandal: Corruption, Wealth and Greed — Ex-BSI banker bought $1.36m Mayweather-Pacquiao Las Vegas fight tickets

November 8, 2016

Funds diverted from 1MDB through shell companies set up by Jho Low advisor, court told, made the men wealthy beyond their dreams.

As the Singapore court case probing the 1Malaysia Development Berhad (1MDB) sovereign fund scandal unfolds, a former BSI banker has beeen accused of siphoning off millions from the state fund through bank accounts setup for several shell companies.

Yeo Jiawei is facing four counts of obstructing justice in Singapore by allegedly urging witnesses to lie to police and destroy evidence while out on bail after his arrest on 17 March 2016 in connection with money laundering involving the state fund. He faces seven other counts involving cheating, money laundering and forgery, which will be heard in 2017.

The 33-year-old banker had left BSI in 2014 to work for Malaysian financier Low Taek Jho (better known as Jho Low) as his “consultant and adviser”. Jho Low is one many high-powered business people and government officials implicated in the misappropriation of funds from 1MDB.

During his stint with Low, Yeo was flown via private jets to Barbados for meetings between Low, Aabar Investments PJS chairman Mohamed Al Husseiny, and Low’s associate Eric Tan, among others.

The court was told how Yeo enjoyed a “jet-setting lifestyle on super yachts and at luxury resorts” while working for Low. This included staying at a five-star beach resort Sandy Lane, one of the most luxurious hotels in Barbados, the Straits Times reported.

Jose Renato Carvalho Pinto, an Amicorp relationship manager, claimed that Yeo arranged for Amicorp to pay invoices amounting to $1.36m (£1.1m, €1.23m) for 27 tickets for Low, Al-Husseiny and other celebrities to attend the Manny Pacquiao vs Floyd Mayweather boxing match at the MGM Grand in Las Vegas in April 2015.

Yeo Jiawei
Yeo Jiawei

The ticket prices for the match ranged from $30,000 to $75,000, Pinto said. The banker, who was testifying against Yeo on the fifth day of the trial in Singapore, said Yeo had asked his bank to set up trusts and open bank accounts for several entities for both Low and his family members.

He also claimed that Yeo had boasted to him that after leaving BSI, he was going to work as a consultant to Aabar Investments and Al-Husseiny and “collect a 5% fee on every invoice to Aabar.”

Pinto said that Yeo had also claimed that he would be working for sovereign wealth funds that were part of a “highly confidential government-to-government arrangement involving Saudi Arabia and Malaysia”. He found out that Yeo was referring to 1MDB and SRC International, which was set up by Malaysian Prime Minister Najib Razak’s administration.

Jho Low
Jho Low, C.E.O., Jynwel Captial Limited and Co-Director Jynwel Charitable Foundation Limited in 2014Michael Loccisano/ Getty Images for New York Times

Shell companies set up with names similar to genuine Abu Dhabi subsidiary

The court was told that there were at least four shell companies that had names similar to the real Aabar company, a genuine subsidiary of the International Petroleum Investment Company (IPIC). The shell companies are based in the British Virgin Islands, Samoa and Seychelles.

According to Channel News Asia, Pinto only realised that the two entities he was asked to setup bank accounts for — Aabar Investments PJS which was incorporated in Samoa and Aabar International Investments PJS which was set up in BVI — were fake and were intended to be confused with the genuine Abu Dhabi-based Aabar Investments PJS, after Yeo was charged in April this year. This was also after Yeo was paid $4m in bogus referral fees, Pinto claimed.

In July this year, IPIC filed papers seeking arbitration in the London Court of International Arbitration in a bid to recover $6.5bn it claims is owned. It has also denied any links with the company Aabar BVI, which 1MDB claims it had paid money into.

He claimed that when Yeo was questioned by Singapore’s Commercial Affairs Department on suspicion of money laundering, he allegedly called Pinto, who was based in Hong Kong, and asked him to destroy his laptop. He was also allegedly warned not to travel to Singapore to ensure he was not questioned by the CAD.

Pinto told the court that Yeo used discreet ways to communicate and that he had set up “secret chats” on Telegram that would self-destruct to ensure that there were no traces on the servers.

http://www.ibtimes.co.uk/1mdb-scandal-ex-bsi-banker-bought-1-36m-mayweather-pacquiao-las-vegas-fight-tickets-1590380

COMMENT The future is yellow. Najib Abdul Razak’s infamous slogan, ‘You help me, I help you’, has been exported to the People’s Republic of China (PRC), where Najib’s ailing 1MDB has been given a lifeline.

How Islamic State Weaponized the Chat App to Direct Attacks on the West

October 20, 2016

Police alarmed by emergence of militants that they say are using chat apps and social media to recruit militants in Europe from abroad

The Wall Street Journal has obtained audio messages, purportedly from an Islamic State operative in Syria or Iraq, that police say were used to recruit people to undertake terror plots in France. The messages allegedly show how Islamic State directs terror plots in Europe from remote positions.

Updated Oct. 20, 2016 11:34 a.m. ET

PARIS—A predawn attack on a French policeman’s home, the killing of a priest during Mass and a car bomb planted near Notre Dame Cathedral in recent months were plots that appeared isolated until investigators discovered a common thread.

Their authors had all allegedly been in contact with a man whom authorities identify as 29-year-old Rachid Kassim.

From somewhere in Islamic State-held territory in Iraq or Syria, authorities say, the French national had used the encrypted Telegram chat app and other social-media tools to contact people back home—mainly French teenagers who are believed to have little or no previous connection to the terror group or each other—and instruct them on how to mount attacks.

Investigators across Europe are alarmed by the rise of militants such as Mr. Kassim, who they suspect have developed a way to “remote control” attacks from far away. That is blurring the lines between assaults carried out by militants trained in Islamic State territory and those by so-called lone wolves who authorities assumed were acting without the direction or support of terror groups.

“What worries us is a new type of attacker who only appears to be acting alone,” said Hans-Georg Maassen, head of Germany’s domestic intelligence. “Such assailants are being steered virtually from abroad via instant messaging.”

The recent unfurling of terror plots allegedly directed by Mr. Kassim in France have sent investigators scrambling to trace the militant’s internet footprint, seizing the phones of attackers and poring over communications that were previously hidden by encryption.

Followers of Mr. Kassim’s private channel on Telegram received instructions in mid-August on how to buy cooking-gas canisters for a car bomb, according to a copy of the channel’s content provided to The Wall Street Journal by a person with access to it. The content was confirmed by French authorities.

To avoid drawing suspicion, Mr. Kassim advised attackers to say, “Hello, Sir, I’m arranging a camping trip.…How many [canisters] do I have to buy to get a good price?”

Three weeks later a group of women who police say were in contact with Mr. Kassim via Telegram took a car, filled it with gas canisters and parked it near Notre Dame Cathedral in central Paris. Police found the car after it had failed to explode.

The ability to persuade Europeans to stay home and mount attacks is becoming crucial to the militant group as the U.S.-led coalition reconquers territory along Turkey’s border. Those military setbacks are depriving the group of corridors it once used to move militants from the killing fields of Syria to Europe’s doorstep.

Rachid Kassim, a French member of Islamic State, is purportedly shown in this image grab from a video made available by jihadist media outlet Welayat Nineveh on July 20. In the video, Mr. Kassim speaks to the camera in French from an undisclosed location before allegedly beheading two men along with another jihadist.
Rachid Kassim, a French member of Islamic State, is purportedly shown in this image grab from a video made available by jihadist media outlet Welayat Nineveh on July 20. In the video, Mr. Kassim speaks to the camera in French from an undisclosed location before allegedly beheading two men along with another jihadist. PHOTO:AGENCE FRANCE-PRESSE/GETTY IMAGES
.

“The Turkish police are building a wall,” Mr. Kassim said in a recording posted on Aug. 24. “If you’re in France, even if the doors were wide open, I would still call on you to stay there and attack in the land of infidels.”

Chat apps such as Telegram and WhatsApp, experts say, act as key filters for Islamic State in funneling people further into its recruitment pipeline. The pipeline begins with propaganda, such as videos of maimed Syrian children, posted to social-media websites like YouTube and Facebook to reach as many potential recruits as possible.

Those who dig further find a stream of Twitter accounts, blog pages and online video sites, with new accounts and sites replacing deleted ones daily, analysts say. The postings occasionally include links to hidden chat rooms and channels. Telegram channels can be followed if they are public, but channels can also be set to private or invitation-only, like Mr. Kassim’s, which at the end of September had about 300 followers.

It is inside those channels that the extremist group moves from semipublic propaganda to encrypted chats. In the invitation-only chat rooms, Islamic State sympathizers debate Islamist ideology, discuss tactics and cheer on terrorist attacks, according to the Journal’s examination of such channels’ content. When followers are ready to take action, they are invited to communicate one-on-one with a recruiter via an encrypted function called “secret chat” that can evade detection by intelligence services, according to authorities.

“Send me a message on secret chat, and in God’s name we can discuss later,” Mr. Kassim says in one audio message on his channel, laced with what seems to be coded language for one follower in particular. “You know who you are,” he tells the follower. “If you want a hint, I’d say: ‘The sound of gunfire,’ my brother.”

“You have this kind of grooming relationship,” said Peter Weinberger, a senior researcher at the National Consortium for the Study of Terrorism and Responses to Terrorism at the University of Maryland. “People will get in these chat rooms and they will feel like they have a relationship with someone. That’s where the peer-to-peer contact is drawing them in.”

Pavel Durov, a Russian exile who says he created Telegram to avoid Kremlin surveillance, designed the service so that even he can’t access secret chats. The company regularly removes channels affiliated with Islamic State when users or authorities find and flag them.

Asked about Mr. Kassim’s activity, Mr. Durov said: “We are troubled by the fact that our technology might have been used in such a sinister way.

“Unfortunately, little can be done to stop evildoers from using the modern messaging technologies without also putting at risk the privacy of millions of regular users,” he added.

Mr. Kassim first made himself known to the public in late July when he appeared in an Islamic State video praising the Bastille Day terrorist attack in Nice that killed 86 people. The militant, from Roanne in central France, hadn’t been seen since 2015, when, authorities suspect, he traveled to Islamic State territory in Iraq or Syria. In the video, Mr. Kassim delivers a tirade against France and then beheads a prisoner.

Behind the scenes, according to French officials, Mr. Kassim was targeting teenagers, pressing them to carry out attacks impulsively rather than make careful plans that risk being foiled.

Officials say Mr. Kassim had already been in touch with Larossi Abballa, a 25-year-old French citizen who went on to slaughter a police captain and his companion in Paris in June. Abballa took the couple’s toddler hostage and, before being killed in a police raid, broadcast his allegiance to Islamic State live on Facebook.

On his Telegram channel, Mr. Kassim has denied knowing some of the people swept up in recent police raids, accusing authorities and media of “mingling truth and falsehoods.” Mr. Kassim didn’t respond to a request for comment.

Over the summer, French officials say, Mr. Kassim was also exchanging encrypted Telegram messages with Adel Kermiche, 19, and possibly also with Abdel-Malik Nabil Petitjean, 19. On July 26, the two barged into a church in Saint-Étienne-du-Rouvray, a town in western France, and slit the throat of 85-year-old Rev. Jacques Hamel before being killed by police.

A policeman in June removing a picture of French policeman Jean-Baptiste Salvaing and his partner, Jessica Schneider, who were killed by Larossi Abballa, a 25-year-old Frenchman. French officials say Mr. Kassim was in touch with Abballa before he carried out the killings.
A policeman in June removing a picture of French policeman Jean-Baptiste Salvaing and his partner, Jessica Schneider, who were killed by Larossi Abballa, a 25-year-old Frenchman. French officials say Mr. Kassim was in touch with Abballa before he carried out the killings. PHOTO: SYLVAIN THOMAS/AGENCE FRANCE-PRESSE/GETTY IMAGES
.

In early August, Mr. Kassim set up the Telegram channel that the Journal reviewed, under the name “Saber of Light.” Over the following weeks, he advocated similar attacks, called the pair “precious brothers” and acknowledged some communication with them.

Mr. Kassim also repeatedly invoked Abballa’s attack over the channel as an example of how fighters should move quickly to avoid getting caught by police. “Larossi, may God accept him, the day he decided to attack, he didn’t wait. He didn’t think about it for four weeks,” Mr. Kassim said in one audio message.

On the channel, Mr. Kassim published a “Guide for Lone Lions” that included color-coded charts providing the names of individuals to murder and explaining types of mass-casualty attacks, including a car bomb using gas canisters.

“Just before the attack, if you have questions, doubts or other things like that, you can contact me privately,” he added.

On Sept. 4, French police discovered the car loaded with gas canisters by Notre Dame.Four days later, police tracked a group of three women allegedly linked to the plot to a Paris suburb. Two of the women—identified by prosecutors as Sarah H, 23, and Inès M, 19—attacked plainclothes policemen with knives, stabbing them and yelling “Allahu akbar” before being detained, prosecutors said.

Sarah H, prosecutors allege, had been engaged to Abballa, who killed the police officer and his companion in Paris, and then Kermiche, who killed the priest. She then promised to marry a third man that police detained in connection with the car bomb plot, prosecutors claim. The women were also members of Mr. Kassim’s “Saber of Light” channel on Telegram, they say.

A lawyer for Sarah H said his client had likely been in touch with Mr. Kassim, but he said she played no role in the car-bomb plot. He added the investigation hasn’t established whether she was engaged to the men.

A lawyer for Ines M and a lawyer for a third woman, identified as Amel S, declined to comment.

On Telegram, Mr. Kassim denied that he or Islamic State ordered the women to do anything, crediting their faith instead. But he repeatedly lauded their action.

Following the arrest, Mr. Kassim said, “Sisters are going on the attack!”

Write to Stacy Meichtry at stacy.meichtry@wsj.com and Sam Schechner at sam.schechner@wsj.com

http://www.wsj.com/articles/how-islamic-state-weaponized-the-chat-app-to-direct-attacks-on-the-west-1476955802