1000 journalists, activists, politicians targeted by Pegasus Spyware

0

An investigation by a group of global media outlets has provided evidence that military-grade malware from Israel-based NSO Group, the world’s most infamous hacker-for-hire outfit, is being used to spy on journalists, human rights activists and political dissidents.

From a list of more than 50,000 mobile phone numbers obtained by the Paris-based journalism non-profit Forbidden Stories and the human rights group Amnesty International and shared with 16 news organisations, journalists were able to identify more than 1000 individuals in 50 countries who were allegedly selected by NSO clients for potential surveillance.

They include 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists and several heads of state, according to The Washington Post, a consortium member. The journalists work for organisations including The Associated Press, Reuters, CNN, The Wall Street Journal, Le Monde and The Financial Times.

Amnesty also reported that its forensic researchers had determined that NSO Group’s flagship Pegasus spyware was successfully installed on the phone of Post journalist Jamal Khashoggi’s fiancee, Hatice Cengiz, just four days after he was killed in the Saudi consulate in Istanbul in 2018. The company had previously been implicated in other spying on Khashoggi.

NSO Group denied in an emailed statement that the data on which the report was based was leaked from its servers “since such data never existed on any of our servers”. It called the Forbidden Stories report “full of wrong assumptions and uncorroborated theories”.

The company reiterated its claim that it only sells to governments for use against terrorists and major criminals. Critics call those claims dishonest and say repeated abuse of Pegasus spyware highlights the nearly complete lack of regulation of the private global surveillance industry.

The source of the leak – and how it was authenticated – was not disclosed. While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it believed the data represented potential targets of NSO’s government clients. The Post said it identified 37 hacked smartphones on the list. The Guardian, another consortium member, reported that Amnesty had found traces of Pegasus infections on the phones of 15 journalists who let their phones be examined after discovering their number was in the leaked data.

The most numbers on the list, 15,000, were for Mexican phones, with a large share in the Middle East. NSO Group’s spyware has been implicated in targeted surveillance chiefly in the Middle East and Mexico. Saudi Arabia is reported to be among NSO clients. Also on the lists were phones in countries including France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan.

“The number of journalists identified as targets vividly illustrates how Pegasus is used as a tool to intimidate critical media. It is about controlling public narrative, resisting scrutiny, and suppressing any dissenting voice,” Amnesty quoted its secretary-general, Agnes Callamard, as saying.

The consortium’s findings build on extensive work by cybersecurity researchers, primarily from the University of Toronto-based watchdog Citizen Lab. NSO targets identified by researchers beginning in 2016 include dozens of Al-Jazeera journalists and executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Radi and prominent Mexican anti-corruption reporter Carmen Aristegui. Her phone number was on the list, the Post reported.

Among more than two dozen previously documented Mexican targets are proponents of a soda tax, opposition politicians, human rights activists investigating a mass disappearance and the widow of a slain journalist. In the Middle East, the victims have mostly been journalists and dissidents, allegedly targeted by the Saudi and United Arab Emirates governments.

The consortium’s “Pegasus Project” reporting bolsters accusations that not just autocratic regimes but democratic governments, including India and Mexico, have used Pegasus spyware for political ends. Its members, who include Le Monde and Sueddeutsche Zeitung of Germany, are promising a series of stories based on the leak.

Pegasus infiltrates phones to vacuum up personal and location data and surreptitiously control the smartphone’s microphones and cameras. In the case of journalists, that lets hackers spy on reporters’ communications with sources.

The program is designed to bypass detection and mask its activity. Pegasus’ methods to infect its victims have grown from requiring users to click on a link to be so sophisticated that researchers say it can now do so without any user interaction, the so-called “zero-click’ option.

In 2019, WhatsApp and its parent company Facebook sued NSO Group in US federal court in San Francisco, accusing it of exploiting a flaw in the popular encrypted messaging service to target – with missed calls alone – some 1400 users. NSO Group denies the accusations.

global ‘hacking spree’
NSO Group does not disclose its clients and says it sells its technology to Israeli-approved governments to help them target terrorists and break up paedophile rings and sex- and drug-trafficking rings. It says its spyware is neither designed nor licensed for use against human rights activists or journalists. It says it has helped save thousands of lives in recent years. It denies its technology was in any way associated with Khashoggi’s murder.

NSO Group also denies involvement in elaborate undercover operations uncovered by The AP in 2019 in which shadowy operatives targeted NSO critics including a Citizen Lab researcher to try to discredit them.

Last year, an Israeli court dismissed an Amnesty International lawsuit seeking to strip NSO of its export licence, citing insufficient evidence.

Amnesty spokesman Gil Naveh said of the company: “They are the most dangerous cyber weapon that we know of, and they’re not being properly overseen.”

NSO Group is far from the only merchant of commercial spyware. But its behaviour has drawn the most attention, and critics say that is with good reason.

Last month, it published its first transparency report, in which it says it has rejected “more than $US300 million in sales opportunities as a result of its human rights review processes.” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation and a strident critic, tweeted: “If this report was printed, it would not be worth the paper it was printed on.”

Hackers can stop the trains and the lights. But could they start a war?
A new, interactive online data platform created by the group Forensic Architecture with support from Citizen Lab and Amnesty International catalogs NSO Group’s activities by country and target. The group partnered with filmmaker Laura Poitras, best known for her 2014 documentary Citzenfour about NSA whistleblower Edward Snowden, who offers video narrations.

Since 2019, the UK private equity firm Novalpina Capital has controlled a majority stake in NSO Group. Earlier this year, Israeli media reported the company was considering an initial public offering, most likely on the Tel Aviv Stock Exchange.

AP

 

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here