Rights groups have called on Doha to take urgent action to protect residents’ data.
A new investigation has found that Israeli security companies hacked the devices of Qatar’s residents through mass-targeted digital adverts to collect users’ personal data, e-mails and phone numbers.
The investigation, published by Eekad – an open-source intelligence platform in the Middle East, tracked a series of suspicious investment digital adverts that frequently appeared on the social media platforms Instagram and Facebook.
The investigation found that online adverts published by a page calledBoom Social contained “malicious software” which can be implanted into the user’s device to collect their personal data or hack the device.
Eekad found that Boom Social’s Facebook page was linked to NovoShield, an Israeli professional cybersecurity company behind the websites.
“Digital analysis has proven attempts by professional Israeli spy companies to penetrate the phones of Qatar’s residents and to collect as much information and personal data as possible,” Eekad said.
The adverts targeted users aged 25 and above, using images of prominent local media figures and influencers to gain credibility.
The ads claimed to be looking for potential investors and would proceed to request personal data including email, phone number, and the full name of the users who opened the link.
Speaking to Doha News, Sarah Leah Whitson, Executive Director of Democracy for the Arab World Now (DAWN), described the breaches as very worrying.
“It’s extremely disturbing to learn of reports that an Israeli company has gone to such great lengths to hide its identity and use fake advertisements to infiltrate and obtain personal information from Qatari citizens,” Whitson told Doha News.
She stressed the need to investigate Eekad’s findings to determine the possible role of the Israeli government in the breaches.
“It’s extremely important for the Qatari government to investigate this matter, determine whether the Israeli government knew or was involved in this attempted infiltration, and take urgent action to protect the privacy of Qataris,” Whitson added.
Analysing similarities
The investigation started by analysing pages on Instagram under the handles “trafficalarabiya” and “media_alarab1” that would share the ads in addition to local news and motivational phrases.
While the ads have also called for investment in Salik, an electronic traffic toll system affiliated with Dubai’s Transport and Communications Authority, Eekad was unable to confirm whether the United Arab Emirates was involved in the hacks.
Similarities between the content shared on Instagram and Facebook were spotted, most of which were managed from the United States with Emirati numbers shared.
“By analysing [the Facebook pages], it was revealed that the dense ads on the Instagram pages are managed by Facebook to reach and target the residents of Qatar,” Eekad said.
Israeli companies
Upon discovering the suspicious links managing the pages, Eekad found that both Boom Social and NovoShield were established in 2022.
NovoShield has two records in the US and Israel and while it claims to be based in Tel Aviv, its official records appear in Haifa.
“The Israeli company [NovoShield] creates a large number of pages with different commercial and media names, to hide its original identity and make it difficult to track and find out who is behind it,” Eekad said.
Citing its LinkedIn page, Eekad found that NovoShield is managed by four Israelis: Lior Keshet, Ofer Barsadeh, Bat El Azerad, and Yinon Avraham.
Digging deeper into the Israeli company, Eekad concluded that NovoShield was linked to Wintago Systems Ltd, also located at the same address near Haifa.
“Israeli company Wintago Systems provides intelligence solutions to hack devices and communications for security agencies, governments and military institutions,” Eekad said.
The investigation found that Wintago System was possibly behind the intelligence operations under the guise of NovoShield.
The findings echo other investigations that revealed Israel’s role in the hacking of devices of individuals globally.
The most prominent investigation to date is that of the Pegasus scandal that emerged in 2016. Numerous probes found that the Israeli NSO Group’s spyware targeted activists, journalists and political leaders.
Al Jazeera employees were among the victims of the data breach and lawsuits were filed in 2018 by the Qatar-based broadcaster’s journalists.
The Israeli hacking of Qatari residents’ devices raises further questions over Tel Aviv’s motives, especially given the Gulf state’s vocal rejection of its occupation of Palestine.
In late 2020, the UAE and Bahrain signed the Abraham Accords, where they formally normalised relations with Israel. However, Qatar did not follow suit and maintained its unwavering stance towards normalisation with Israel.
