Journalists and activists among company spyware targets – report
An investigation by a global media consortium alleged that military-grade malware from the Israeli group NSO is being used to spy on journalists, human rights activists and political dissidents.
The consortium of 17 news agencies say they have identified more than 1,000 people in 50 countries who have been selected by NSO clients for potential surveillance. They include nearly 200 journalists.
The leaked targeting data – a list of more than 50,000 cell phone numbers – was obtained by the French journalism association Forbidden Stories and the human rights group Amnesty International.
The NSO Group denies that the data was leaked from its servers and calls the Forbidden Stories report “full of flawed assumptions and unsubstantiated theories.”
The leaked list includes 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists and several heads of state, according to the Washington Post.
Journalists work for organizations such as the Associated Press, Reuters, CNN, the Wall Street Journal, Le Monde and the Financial Times.
Amnesty also reported that its forensics researchers determined that NSO Group’s flagship spyware, Pegasus, was successfully installed on the phone of Post journalist Jamal Khashoggi’s fiancee, Hatice Cengiz, just four days after her assassination. at the Saudi consulate in Istanbul in 2018.
The company had previously been involved in other spies on Mr. Khashoggi.
The NSO group denied ever having kept “a list of potential targets, past or existing”.
The company reiterated its claims that it only sold to “approved government agencies” for use against terrorists and major criminals and that it had no visibility into its customer data.
Critics call the claims dishonest – and have provided evidence that NSO directly handles high-tech espionage.
They say the repeated abuse of Pegasus spyware highlights the almost complete lack of regulation of the private global surveillance industry.
The source of the leak – and how it was authenticated – has not been disclosed. While the presence of a phone number in the data doesn’t mean an attempt was made to hack a device, the consortium said it believed the data pointed to potential targets of NSO’s government customers.
The Post said it had identified 37 hacked smartphones on the list. The Guardian, another member of the consortium, reported that Amnesty found traces of Pegasus infections on the phones of 15 journalists who let their phones be examined after discovering their number was in the leaked data.
The most numbers on the list, 15,000, were for Mexican phones, with a large share in the Middle East.
NSO Group’s spyware has been involved in targeted surveillance primarily in the Middle East and Mexico.
Saudi Arabia is said to be among the NSO’s clients. The lists also included phones in countries such as France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan.
Amnesty General Secretary Agnes Callamard said: “The number of journalists identified as targets vividly illustrates how Pegasus is being used as a tool to intimidate critical media. It’s about controlling public narrative, resisting scrutiny, and suppressing any dissenting voice. “
In a case highlighted by the Guardian, Mexican journalist Cecilio Pineda Birto was murdered in 2017 weeks after his phone number appeared on the leaked list.
AP Director of Media Relations Lauren Easton said the company was “deeply disturbed to learn that two AP reporters, as well as reporters from many news organizations” were on the 1,000 list. potential targets for Pegasus infection.
She said the AP was investigating to try to determine whether the devices of her two employees were compromised by the spyware.
The consortium’s findings are based on extensive work by cybersecurity researchers, primarily from the University of Toronto watchdog Citizen Lab.
NSO targets identified by researchers from 2016 include dozens of journalists and Al-Jazeera executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Radi and prominent Mexican anti-corruption journalist Carmen Aristegui.
His phone number was on the list, the Post reported. The Times said Hubbard and his former Mexico City bureau chief, Azam Ahmed, were on the list.
Two Hungarian investigative journalists, Andras Szabo and Szabolcs Panyi, were among the list journalists whose phones were successfully infected with Pegasus, the Guardian reported.
Among more than two dozen Mexican targets already documented are supporters of a soda tax, opposition politicians, human rights activists investigating a mass disappearance and the widow of a murdered journalist.
In the Middle East, the victims are mostly journalists and dissidents, who have reportedly been targeted by the governments of Saudi Arabia and the United Arab Emirates.
The consortium’s “Project Pegasus” reports reinforce accusations that not only autocratic regimes, but also democratic governments, including India and Mexico, used NSO Group’s Pegasus spyware for political ends.
Its members, including Le Monde and Sueddeutsche Zeitung from Germany, promise a series of stories based on the leak.
Pegasus infiltrates phones to collect personal and location data and surreptitiously control smartphone microphones and cameras.
In the case of journalists, this allows hackers to spy on journalists’ communications with sources.
The program is designed to bypass detection and hide its activity. The NSO Group’s methods of infecting its victims have become so sophisticated that researchers say it can now do so without any user interaction, the so-called “zero-click” option.
In 2019, WhatsApp and its parent company Facebook sued NSO Group in US federal court in San Francisco, accusing it of exploiting a loophole in the popular encrypted messaging service to target – with only missed calls – some 1 400 users. NSO Group denies the charges.
The Israeli company was sued the previous year in Israel and Cyprus, two countries from which it exports products.
The plaintiffs include Al-Jazeera journalists, as well as other Qatari, Mexican and Saudi journalists and activists who say the company’s spyware was used to hack them.
Several of the prosecutions rely heavily on leaked information provided to Abdullah Al-Athbah, editor of the Qatari newspaper Al-Arab and one of the alleged victims.
The material appears to show officials in the United Arab Emirates discussing whether to hack the phones of senior officials in Saudi Arabia and Qatar, including members of the Qatari royal family.
NSO Group does not disclose its customers and says it sells its technology to governments approved by Israel to help them target terrorists and break down pedophile, drug and sex trafficking rings.
He claims his software has helped save thousands of lives and denies that its technology was in any way associated with the murder of Mr. Khashoggi.