A US citizen had government-grade spyware placed on his laptop by the Ethiopian government, who proceeded to monitor his Skype calls, instant messages, and his whole family's Internet use. Finspy, the software the Ethiopian regime used was provided by Gamma Group, a British company that makes and sells spyware exclusively to governments. They attacked the US citizen's computer while he was in the USA.
The victim of the attack -- who is being called "Mr. Kidane" in order to protect his family in Ethiopia -- is suing the Ethiopian government in a US court, and is represented by the Electronic Frontier Foundation.
"We have clear evidence of a foreign government secretly infiltrating an American's computer in America, listening to his calls, and obtaining access to a wide swath of his private life," said EFF Staff Attorney Nate Cardozo. "The current Ethiopian government has a well-documented history of human rights violations against anyone it sees as political opponents. Here, it wiretapped a United States citizen on United States soil in an apparent attempt to obtain information about members of the Ethiopian diaspora who have been critical of their former government. U.S. laws protect Americans from this type of unauthorized electronic spying, regardless of who is responsible."
A forensic examination of Mr. Kidane's computer showed that the device had been infected when he opened a Microsoft Word document that contained hidden malware. The document had been an attachment to an email message sent by agents of the Ethiopian government and forwarded to Mr. Kidane. The spyware contained in the attachment was a program called FinSpy, a suite of surveillance software marketed exclusively to governments by the Gamma Group of Companies. In the several months FinSpy was on Mr. Kidane's computer, it recorded a vast array of activities conducted by users of the machine. Traces of the spyware inadvertently left on his computer show that information – including recordings of dozens of Skype phone calls – was surreptitiously sent to a secret control server located in Ethiopia and controlled by the Ethiopian government.