Spyware “Target Activist” Sold to Government


An Israeli woman is using her iPhone on August 28, 2016, in front of a building containing an Israeli NSO group in Herzliya near Tel Aviv.

An Israeli woman is using her iPhone on August 28, 2016, in front of a building containing an Israeli NSO group in Herzliya near Tel Aviv.

According to media reports, rights activists, journalists and lawyers around the world are being targeted by phone malware sold to authoritarian governments by Israeli surveillance companies.

They are on the list of about 50,000 phone numbers leaked to major media outlets that the company’s client NSO Group may be interested in.

It wasn’t clear where the list came from or how many phones were actually hacked.

NSO denies cheating.

The software is intended for use against criminals and terrorists and is only available to military, law enforcement and intelligence agencies in countries with good human rights records.

The first investigation, which led to a report by Paris-based NGO Forbidden Stories and human rights group Amnesty International, said it was “full of false assumptions and unsubstantiated theories.”

Allegations regarding the use of software known as Pegasus were filed on Sunday by The Washington Post, Guardian, Lemond, and 14 other media organizations around the world.

Pegasus infects iPhone and Android devices, allowing operators to extract messages, photos and emails, record calls, and secretly activate microphones and cameras.

What do we know about the target audience?

The numbers on the list were unknown, but the media working on the investigation said they had identified more than 1,000 people across more than 50 countries.

Among them are politicians, heads of state, executives, activists, and several from the Arab royal family. Organizations such as CNN, The New York Times and Al Jazeera have found that more than 180 journalists are also on the list.

Many were reportedly gathered in 10 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.

When contacted by the dealers involved in the investigation, spokespersons in these countries denied that Pegasus was used or abused the power of surveillance.

It wasn’t clear how many of the devices on the list were actually targeted, but forensic analysis of 37 phones showed that there were “tried and successful” hacks, the Washington Post said. I reported.

This included people near Jamal Khashoggi, a Saudi journalist whose body was dismantled after being killed during a visit to the Saudi Consulate in Istanbul, Turkey, in October 2018.

Investigations revealed that spyware was installed on the fiancĂ©’s phone a few days after the murder, and that his wife’s phone was targeted by the spyware between September 2017 and April 2018.

On October 3, 2018, missing Saudi journalist Jamal Khashoggi's Turkish fiance, Hatis, is waiting in front of the Saudi Consulate in Istanbul, Turkey.

Jamal Khashoggi’s fiancĂ© Hatice Cengiz was targeted in the days following his murder, investigations found.

The technology “has nothing to do with vicious murder,” the NSO Group said.

A study found that the phone of Mexican journalist Cecilio Pineda Bilt also appeared twice on the list, including the month before the murder.

Forensic investigations were not possible because his phone disappeared from the murder scene, but the NSO said that even if his phone was targeted, the data collected was related to his murder. Said it doesn’t mean.

Details about who was targeted will be announced in the coming days.

WhatsApp sued NSO in 2019The company claims to have been behind a cyberattack on 1,400 mobile phones involving Pegasus. At the time, NSO denied cheating, but WhatsApp was banned.

Analysis box by cyber reporter Joe Tydy

Analysis box by cyber reporter Joe Tydy

The claim here is not new, but what is new is the scale of targeting innocent people who are allegedly happening. Approximately 200 reporters from 21 countries have posted phone numbers on this list, and it is expected that the names of prominent public figures will be further revealed.

There are many unclear points in these claims, such as the source of the list and the number of phone numbers targeted by spyware. The NSO Group has shaken again and denied all criticism, but it’s a blow to companies that are actively trying to reform their reputation.

Only two weeks ago, they published their first “Transparency Report,” detailing human rights policies and pledges. Amnesty International has wiped out the 32-page document as a “sales brochure”.

These latest claims will do more damage to the image, but not financially to the company. Few private companies can create intrusive espionage tools like those sold by NSOs, and clearly the less regulated market for software is booming.

You may also be interested in:

Click here to view the BBC Interactive

Posted on