Country
Ethiopia

Source
Article - Cyber Security Intelligence

Title
Dated 22 Dec 2017 | Ethiopian Cyber Spies Left Clues Behind

About
The Ethiopian government used spyware acquired from an Israeli company to spy on dissidents living in the country and abroad, but government operatives have failed when configuring their command and control (C&C) server, exposing a list of all their targets.

Key findings
The spear-phishing campaign wasn't very well executed, and some targets became suspicious. | Instead of backing down and dismantling their infrastructure, Ethiopian government operatives decided to spear-phish a Citizen Lab researcher involved in the investigation | Attackers went after local and foreign targets| The Ethiopian government not only infected local Ethiopians but also a large number of persons living in the Ethiopian diasporas in other countries. The list of targets, which Citizen Lab researchers promptly notified, included journalists, activists, and dissidents involved in recent protests that took place in Ethiopia's Oromia region, but also government officials from neighbouring country Eritrea.

Website
https://www.cybersecurityintelligence.com/blog/ethiopian-cyber-spies-left-clues-behind-3011.html