Israeli spyware used to hack mobiles of journalists, activists
An investigation by a global media consortium based on leaked targeting data provides evidence that military-grade malware from Israel-based NSO Group, the world’s most infamous hacker-forhire outfit, is being used to spy on journalists, human rights activists and political dissidents.
From a list of more than 50,000 cellphone numbers obtained by the Paris-based journalism nonprofit Forbidden Stories and the human rights group Amnesty International and shared with 16 news organisations, journalists were able to identify more than 1000 individuals in 50 countries who were allegedly selected by NSO Group clients for potential surveillance.
They include 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists and several heads of state, according to The Washington Post, a consortium member.
The journalists work for organisations including The Associated Press, Reuters, CNN, The Wall Street Journal, Le Monde and the Financial Times.
Amnesty also reported that its forensic researchers had determined that NSO Group’s flagship Pegasus spyware was successfully installed on the phone of Post
journalist Jamal Khashoggi’s fiancee, Hatice Cengiz, just four days after he was killed in the Saudi Consulate in Istanbul in 2018. The company had previously been implicated in other spying on Khashoggi.
NSO Group denied in an emailed statement that the data on which the report was based was leaked from its servers, ‘‘since such data never existed on any of our servers’’. It said the Forbidden Stories report was ‘‘full of wrong assumptions and uncorroborated theories’’.
The company reiterated its claim that it only sells to governments for use against terrorists and major criminals.
Critics call those claims dishonest and say repeated abuse of Pegasus spyware highlights the nearly complete lack of regulation of the private global surveillance industry.
The source of the leak – and how it was authenticated – was not disclosed. While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it believed the data represented potential targets of NSO’S government clients. The Post said it identified 37 hacked smartphones on the list. The Guardian, another consortium member, reported that Amnesty had found traces of Pegasus infections on the cellphones of 15 journalists who let their phones be examined after discovering their number was in the data.
The most numbers on the list, 15,000, were for Mexican phones, with a large share in the Middle East. NSO Group’s spyware has been implicated in targeted surveillance chiefly in the Middle East and Mexico. Saudi Arabia is reported to be among NSO clients.
Also on the lists were phones in countries including France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan.
‘‘The number of journalists identified as targets vividly illustrates how Pegasus is used as a tool to intimidate critical media. It is about controlling public narrative, resisting scrutiny, and suppressing any dissenting voice,’’ Amnesty quoted its secretarygeneral, Agnes Callamard, as saying.
AP’S director of media relations, Lauren Easton, said the company was ‘‘deeply troubled to learn that two AP journalists, along with journalists from many news organisations, are among those who may have been targeted by Pegasus spyware.’’ She said AP has taken steps to ensure the security of its journalists’ devices and is investigating.
The consortium’s findings build on extensive work by cybersecurity researchers, primarily from the University of Torontobased watchdog Citizen Lab. NSO targets identified by researchers beginning in 2016 include dozens of Al-jazeera journalists and executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Radi and prominent Mexican anti-corruption reporter Carmen Aristegui. Her phone number was on the list, the Post reported. –AP