Togo church leaders in crosshairs of Israeli spyware and WhatsApp exploit

Top Togolese priests and members of the opposition have been targeted by sophisticated Israeli spyware using WhatsApp messages to hack their mobile phones, according to a joint investigation published on Monday.

Six leading critics of the government in Lomé were targeted by the hack in May 2019 that likely enabled attackers to inject spyware created by NSO Group onto the target's phones, as revealed by an investigation led by The Citizen Lab at University of Toronto.

The spyware took advantage of a vulnerability in WhatsApp using the call functionality of the application. Even if the calls were not answered, a piece of spyware called Pegasus was installed onto the target's phone.

Four of the Togolese targets have come forward, speaking to The Guardian and Le Monde newspapers, confirming the hack and revealing their identities.

Benoît Alowonou, the bishop of Kpalimé, in southwest Togo, was one of the targets. He is the president of the Conference of Bishops in Togo, and has previously been critical of President Faure Gnassingbé.

Pierre Chanel Affognon, a priest and spokesperson for a civil society group called “Hope for Togo”, which aims to hold the government to account, was targeted by the spyware.

Two opposition politicians were attacked by the hack: Elliott Ohin, a former foreign minister, who left government and previously headed up the opposition Union of Forces for Change party, and Raymond Houndjo, previously a mayoral candidate for Lomé and member of the National Alliance for Change party.

Coincidental?
The timing of the attack coincided with widespread protests against Gnassingbé and the extension of term limits for the president. Gnassingbé's family has ruled Togo for decades and Faure took over from his father EyadémaGnassingbé in 2005.

He faced down widespread protests in 2017 and 2018 calling for an end to his family's rule. The authorities used an internet shutdown to help the government survive the demonstrations. In May 2019, the government voted through a change to the country's constitution potentially enabling Gnassingbé to remain in office in 2030.

In February 2020, he secured his fourth term in office following elections that the opposition described as fraudulent, claiming victory for themselves.

“I've got nothing to hide,” Bishop Alowonou told the Le Monde newspaper, talking about the hack. “But it's seems clear that this type of software is dangerous for our freedom, for our democracy.”

“This clear violation of our citizens' freedoms is very serious,” said Priest Affognon, speaking to Le Monde. The WhatsApp vulnerability enabling the spyware injection was subsequently fixed by its software engineers, with WhatsApp attributing the attacks to NSO Group, an Israeli spyware developer.

The Citizen Lab worked with WhatsApp to investigate the attack and contacted those who had been targeted, looking at the digital threat to civil society.

The Guardian newspaper reported that The Citizen Lab was not necessarily pointing the finger at the Togolese government for using NGO Group spyware, although the fact that the targets were all from the opposition was troubling.

Rights group Amnesty International have been critical of the Togolese government and their “excessive use of force, arbitrary arrests and detentions, torture and other ill-treatment, and impunity for human rights violations”. Amnesty said the country's new cyber criminality law “restricts freedom of expression”.