Spyware Spotted Targeting US Senators, Taiwan President Via Twitter Replies

pcmag.com:

A mysterious user has been trying to infect US politicians and Taiwan’s president with spyware by circulating malicious links on Twitter/X.  

The findings come from human rights group Amnesty International, which spotted a Twitter account, @Joseph_Gordon16, spreading the spyware by tweeting back at targets through Twitter’s reply function. 

The replies from @Joseph_Gordon16 contained links that pretended to look like news articles. But in reality, the links were designed to forward users to domains connected to Predator, a  notorious spyware program sold to foreign governments that can easily infect a smartphone. 

Starting in February, the @Joseph_Gordon16 account sent the spyware links to journalists who cover Vietnam. But eventually, the account began targeting academics as well as European and US government officials, including a pair of US senators and Taiwan President Tsai Ing-wen.

Specifically, the @Joseph_Gordon16 account replied to at least two tweets from President Tsai with malicious links designed to look like news articles. The same occurred when @Joseph_Gordon16 account replied to a tweet that tagged Sens. Chris Murphy (D-CT) and Gary Peters (D-MI). 

In addition to Twitter, a separate account on Facebook using the name "Anh Tran" also circulated similar links to the spyware. In total, at least 50 accounts belonging to 27 individuals and 23 institutions were targeted, Amnesty International says. But whether any of the infection attempts succeeded remains unclear.

Citizen Lab, a watchdog group that investigates spyware attacks, confirmed the findings from Amnesty International. The incident represents a rare and brazen attempt to distribute commercial spyware out in the open on a social media platform. 

“Post