Macron among leaders on potential spyware list
French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the notorious Israeli spyware firm NSO Group, Amnesty International said yesterday.
‘‘The unprecedented revelation ... should send a chill down the spine of world leaders,‘‘ Amnesty’s secretary general, Agnes Callamard, said in a statement.
Among potential targets found on a list of 50,000 phone numbers leaked to Amnesty and the Parisbased journalism nonprofit Forbidden Stories include Presidents Cyril Ramaphosa of South Africa and Barham Salih of Iraq. King Mohammed VI of Morocco and three current prime ministers – Imran Khan of Pakistan, Mustafa Madbouly of Egypt and Saad Eddine El Othmani of Morocco – are also on the list, The Washington Post reported.
The Post said none of the heads of state would offer their smartphones for forensic testing that might have detected whether they were infected by NSO’s military-grade Pegasus spyware. Thirty-seven phones identified in the investigation were either breached or shows signs of attempted infection, it has reported.
The Post and 16 other members of a global media consortium were granted access to the leaked list. Another member, the French daily
Le Monde, determined that 15 members of the French government may have been among potential targets with Macron in 2019.
Following first reports by consortium members on Monday, the Paris prosecutor’s office said it was investigating the suspected widespread use of NSO’s military-grade Pegasus spyware to target journalists, human rights activists and politicians in multiple countries.
Amnesty earlier released a forensic analysis of the alleged targeting that showed Amazon Web Services was hosting NSO infrastructure. In response, Amazon said it shut down NSO accounts that were ‘‘confirmed to be supporting the reported hacking activity.’’
Amazon said the accounts had violated its terms of use.
Another US company identified by Amnesty as hosting NSO servers was DigitalOcean. When contacted by The Associated Press, DigitalOcean neither confirmed nor denied whether it had identified or cut off such servers.
‘‘All of the infrastructure outlined in the Amnesty report is no longer on DigitalOcean,‘‘ it said yesterday.
The consortium’s findings significantly widen the scope of alleged abuses in which NSO Group has been implicated since 2016. Those include the surveillance of friends and relatives of journalist Jamal Khashoggi, who was killed inside the Saudi consulate in Istanbul in 2018 — and highlight what critics call the urgent need to regulate global sales of commercial hacking tools. –