Investigation Reveals The Israeli Made Pegasus Spyware Used To Track Over 50,000 Phones
17 media outlets conducted an extensive investigation that found NSO Group's Pegasus software was used in hacking attempts on at least 37 smartphones belonging to human rights activists and journalists. The investigation revealed that the Pegasus malware was abused by NSO Group's government clients to spy on journalists, opposition politicians and rights activists. The targets also include presidents and prime ministers.
Who uncovered it?
Amnesty International and the journalism nonprofit Hidden Stories found the numbers in a list of leaked numbers, according to the Post. Numbers on the list have been targeted for possible surveillance by countries who are clients of NSO, the report states, which sells spyware to governments with poor human rights records.
What is Pegasus
The NSO Group is an Israel-based group that makes hacking tools that are used by governments and law enforcement agencies around the world, some of which have severe human rights records. Among its best-known products is "Pegasus," a spyware that can jailbreak devices such as iPhones, install malware, and allow the exporting of user data.
In addition to extracting data from a device, Pegasus can activate the device's microphone and listen to conversations secretly.
Pegasus is a highly invasive tool by NSO, It works by sending an exploit link to the target user, which if clicked downloads malware or code onto the device without the user's knowledge or permission. Once the malware has been installed, the hacker has full access to the target's phone. Among this private information are passwords, contact lists, calendar events, SMS messages, and live voice calls. Additionally, it can turn on the camera and microphone of a target's phone. It has even been reported that the malware can be installed without the user clicking the "exploit link."
Who was targeted?
The leaked database contains a list of more than 50,000 phone numbers believed to be those of persons of interest by multiple government clients of NSO since 2016. About 1,000 individuals from 50 countries were able to be identified by media outlets participating in the project as potential clients for NSO. More than 85 human rights activists, 189 journalists, and more than 65 business executives, more than 600 politicians and government officials were targeted.
The list of targeted journalists dates back to 2016 and includes reporters from the Post, CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Monde, the Financial Times, and Al Jazeera from all over the world.
Targets in India, Mexico
NSO clients included totalitarian states such as Saudi Arabia and Azerbaijan, as well as democracies such as India and Mexico.
The Wire reported that 300 mobile phones used in India were on the list. The phone numbers were used by cabinet ministers, opposition politicians, journalists, lawyers, businessmen, scientists, and rights activists.
More than 40 Indian journalists from major publications including The Hindu, the Indian Express, and two founding editors of The Wire, were among people whose numbers were on the list.
In 2019, an investigation by Citizen Lab revealed that the Indian government was spying on lawyers, activists, and journalists using the Pegasus software via WhatsApp.
The Indian government had denied the allegations after WhatsApp filed a lawsuit against NSO in the United States, in which the messenger app confirmed the details reported by Citizen Lab.
According to the Washington Post, 10,000 of the numbers on the list belong to politicians, union representatives, journalists, and government critics from Mexico. One of them was a Mexican freelance journalist who was murdered and his cellphone was never found. It could not be confirmed if he was infected with Pegasus.
The Committee to Protect Journalists previously noted that technology has contributed to increased danger for journalists operating in Mexico. The organization put out an advisory warning that Pegasus spyware, which is used to collect data and monitor mobile phone usage, was found being used against investigative journalists in the country.
In 2016, Columbia Journalism Review wrote, "Mexico has been ground zero for Pegasus's deployment against journalists," when the malware was originally discovered. "At least six reporters have been targeted there, according to exhaustive research by both Citizen Lab and the Mexican digital rights group R3D. Those attacks coincided with major journalistic investigations that challenged the Mexican government."
Jamal Khashoggi's fiancée targeted
In 2019, the Pegasus spyware was found to be responsible for the murder of the former Washington Post Saudi journalist, Jamal Kashoggi. Amnesty International reported that the spyware was successfully installed on the phone of two women close to Khashoggi, including his fiancée, Hatice Cengiz. Pegasus infected Cengiz's phone just four days before Kashoggi was murdered in the Saudi Consulate in Istanbul in 2018 by Assassins linked to Mohammed bin Salman. NSO has been accused of spying on Khashoggi twice now.
In January 2020, United Nations experts called for an official investigation into reports that Saudi Crown Prince Mohammed bin Salman had the phone of Amazon founder and Washington Post owner Jeff Bezos hacked.
Bezos' phone was presumably hacked to keep tabs on the reporting of the Post, for which Khashoggi wrote.
An NSO spokesperson denied the report's claims, declaring that it was "full of wrong assumptions and uncorroborated theories that raise serious doubts about the reliability and interests of the sources,” and questioned the sources that supplied the information. “After checking their claims, we firmly deny the false allegations made in their report.” According to the company, it is considering filing a defamation lawsuit, it claims “these allegations are so outrageous and far from reality.”
The Pegasus spyware has been accused of being part of a larger surveillance campaign before. Between July and August 2020, Citizen Lab discovered that 36 phones belonging to Al Jazeera journalists had been hacked using Pegasus technology, possibly by Middle Eastern governments. In 2019, WhatsApp hacked WhatsApp's encrypted chat service using Pegasus in 2019, according to the lawsuit filed against NSO.
While NSO group continues to threaten defamation lawsuits against the media outlets publishing the story more details from around the world continue to emerge.