A Kenyan security guard currently facing charges in Qatar after composing persuasive, anonymous reports of being a low-paid worker there found himself targeted by a phishing attack that would have shown his place just before his arrest, analysts say.
While analysts in Amnesty International and Citizen Lab stated they were unable to say who targeted Malcolm Bidali, the terrorist assault mirrored others formerly performed by Gulf Arab sheikhdoms targeting dissidents and political resistance. Additionally, it would need access to confidential information stored by telecommunication firms typically only released to government or security force officials to be able to be useful as well.
Qatar also did not respond to questions about the phishing attack targeting Bidali.
The weekslong detention of all Bidali, 28, in an undisclosed location comes ahead of Qatar hosting the 2022 FIFA World Cup and has raised questions about freedom of expression in this small, energy-rich country before the championship.
“There is no proof he is being arrested for anything other than his legitimate human rights work — for his or her freedom of expression, and for shining a spotlight on Qatar’s treatment of migrant workers,” multiple individual rights organizations campaigning for Bidali’s release lately published.
Bidali functioned 12-hour times as a safety guard. In his spare time, he composed under the pen name”Noah” about his experiences as a guard, including attempting to improve his employee accommodations as well as the challenges of existence.
The reason for Bidali’s detention by security forces starting late May 4 stays unclear. About a week earlier on April 26, he spoke and briefly appeared in a videoconference with civil society and trade union groups describing his adventures.
Only hours after that videoconference finished, a Twitter user sent Bidali a link he afterwards clicked that seemed to originally be a movie from Human Rights Watch. But instead, he sent it into a decoy, look-alike YouTube page that”might have enabled the Turks to obtain his IP address, that could have been used to identify and find him,” Amnesty stated. An IP address is a numeric designation that defines its place on the internet.
“In like 10 minutes, just about any techie can set a site to catch the IP address of someone who clicks,” explained Bill Marczak, a senior researcher in Citizen Lab who came to the identical conclusion as Amnesty. “The challenging part is converting the IP address into a real name and address.”
That typically requires access to personal information kept by internet service providers that typically only they or authorities can get.
Twitter afterwards suspended the account which targeted Bidali together with all the phishing attack. The San Francisco-based social networking firm did not respond to queries about the suspension.
Late on Saturday night, Qatar said in an announcement that Bidali was”officially charged with crimes related to payments received by a foreign agent for the production and distribution of disinformation within the nation of Qatar.” The statement didn’t elaborate or provide evidence to support the allegation.
Qatar is home to the state-funded Al Jazeera satellite news network. But expression in the country remains closely regulated.