Amnesty International says it has found that a hacking group known as Ocean Lotus has been staging more spyware attacks on Vietnamese human rights activists in the latest blow to freedom of speech in the communist-ruled country
The human rights group said Wednesday that Amnesty Tech's Security Lab found evidence of the hacking attempts in phishing emails sent to two dissidents, one in the Philippines and one in Germany.
Cybersecurity firms earlier identified hacking attempts by Ocean Lotus targeting dissidents, governments and companies across Southeast Asia. The hackers are suspected of having ties to Vietnam's government, which has been cracking down on dissent.
Amnesty urged the Vietnamese government to investigate.
The report said that blogger and pro-democracy activist Bui Thanh Hieu was targeted with spyware at least four times between February 2018 and December 2019. He left Vietnam and has lived in Germany since 2013. It said another blogger based in Vietnam, who was not named due to fears for their safety, was targeted three times last year.
A Philippines-based nongovernmental organization, the Vietnamese Overseas Initiative for Conscience Empowerment, or VOICE, was targeted by hackers in April 2020, the report said.
It said former staff and volunteers for VOICE were harassed, prevented from traveling and had their passports confiscated when they returned to Vietnam.
The Amnesty report also said the hacking efforts involved emails pretending to share an important document with a link to download a file.
An analysis of the phishing emails indicated they were generated by Ocean Lotus, based on the tools and techniques they used, it said. The hacking targets Mac OS, Android and Windows operating systems.
“More recently Ocean Lotus was found to have created fake online media websites based on content automatically gathered from legitimate news websites," the report said.
Vietnam is one of the handful of the world’s remaining communist single-party states that tolerate no dissent.
Human rights groups have been urging Vietnam to cease its repressive activities towards critics, seen especially in severe punishments of bloggers.
According to the cybersecurity company Volexity, OceanLotus was identified as a Vietnam-based hacking group in 2015. The group is suspected of staging sophisticated, widespread digital surveillance and attack campaigns since 2013 against some Asian countries, the Association of Southeast Asian Nations, and many people and groups linked to the media and human rights groups.