BOSTON-An investigation conducted by a global media consortium based on leaked target data further proves that military-grade malware from the Israeli NSO group is being used to monitor journalists, human rights defenders, and political dissidents.
From a list of more than 50,000 mobile phone numbers obtained from the Paris-based news non-profit organization Forbidden Stories and human rights organization Amnesty International and shared with 16 news organizations, journalists were able to identify more than 1,000 individuals from 50 countries, who allegedly It is used by NSO customers for potential monitoring.
According to the Washington Post, a member of the consortium, they include 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists, and several heads of state. These reporters work for the Associated Press, Reuters, CNN, Wall Street Journal, Monde, and Financial Times.
NSO Group denied in its email response to the Associated Press question that it had maintained a “list of potential, past or existing targets” and stated that it was unable to understand its customers’ data. In another statement, it said the “Taboo Stories” report was “full of false assumptions and unproven theories.”
The company reiterated its claim to only sell products to “reviewed government agencies” for use in combating terrorists and major criminals. Critics call these claims dishonest, and claim that the repeated abuse of Pegasus spyware highlights an almost complete lack of regulation of the private global surveillance industry.
The source of the leak-and how it was certified-has not been disclosed. Although the presence of a phone number in the data does not mean that someone tried to hack into the device, the consortium stated that it believes the data indicates a potential target for NSO government customers. The Post said it identified 37 hacked smartphones on the list. Another consortium member The Guardian reported that Amnesty International found traces of Pegasus infection on the phones of 15 journalists who asked them to check their phones after they found their phone numbers in the leaked data.
The highest number on the list is 15,000. It comes from Mexican mobile phones and accounts for a large proportion in the Middle East. NSO Group’s spyware mainly participates in targeted surveillance in the Middle East and Mexico. According to reports, Saudi Arabia is one of NSO’s customers. There are also mobile phones from France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan on the list.
“The number of journalists identified as targets vividly illustrates how Pegasus is used as a tool to intimidate and criticize the media. This is about controlling public narratives, resisting censorship, and suppressing any voice of dissent,” Amnesty International quoted its Secretary-General Agnes Kara Ma De said, said.
The Associated Press media relations director Lauren Easton said that the company “learned that two Associated Press reporters and reporters from many news organizations” were included in the list of 1,000 potential targets infected by Pegasus. The company is deeply disturbed. She said the Associated Press is investigating to determine whether the devices of its two employees were affected by spyware.
The consortium’s research results are based on the massive work of cybersecurity researchers, mainly from the Citizens Laboratory of the University of Toronto’s regulatory agency. The National Bureau of Statistics targets set by researchers since 2016 include dozens of Al Jazeera reporters and executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Rady, and a well-known Mexican anti-corruption reporter Carmen Aristegui. According to the Post, her phone number is on the list. According to The Times, Hubbard and his former Mexico City bureau chief Azam Ahmed (Azam Ahmed) are on the list.
According to the “Guardian”, two Hungarian investigative journalists Andras Szabo and Szabolcs Panyi were one of the journalists on the list who successfully infected Pegasus with their mobile phones.
Among the previously documented Mexican targets are more than 20 supporters of soda taxes, opposition politicians, human rights activists investigating mass disappearances, and the widow of a murdered journalist. In the Middle East, the victims are mostly journalists and dissidents, who are allegedly targeted by the governments of Saudi Arabia and the United Arab Emirates.
The consortium’s “Project Pegasus” report supports the allegation that not only authoritarian regimes but also democratic governments including India and Mexico use NSO Group’s Pegasus spyware for political purposes. Its members include the German Le Monde and Süddeutsche Zeitung, and they promised to provide a series of stories based on the leaks.
Pegasus will sneak into the phone to collect personal and location data, and secretly control the smartphone’s microphone and camera. As far as journalists are concerned, this allows hackers to monitor communications between journalists and sources.
The program is designed to bypass detection and mask its activity. NSO Group’s method of infecting victims has become so complicated that researchers say that it can now be done without any user interaction, the so-called “zero-click” option.
In 2019, WhatsApp and its parent company Facebook sued NSO Group in the US Federal Court in San Francisco, accusing it of using a flaw in the popular encrypted messaging service to target approximately 1,400 users—just missed calls. NSO Group denies these allegations.
The Israeli company was sued last year in two exporting countries, Israel and Cyprus. The plaintiffs included Al Jazeera reporters, as well as other Qatar, Mexican and Saudi journalists and activists, who said the company’s spyware was used to invade them.
Several of these lawsuits largely used material leaked to the editor of Qatari newspaper Al-Arab, Abdullah Al-Athbah, and one of the alleged victims. The material appears to indicate that officials in the United Arab Emirates are discussing whether to hack into the phones of senior figures in Saudi Arabia and Qatar, including members of the Qatar royal family.
NSO Group did not disclose its customers and stated that it would sell its technology to the government approved by Israel to help them target terrorists and break down pedophile groups and sex trafficking and drug trafficking groups. The company stated that its spyware was not designed and licensed to deal with human rights activists or journalists. It says it has helped save thousands of lives in recent years. It denied any connection between its technology and Kashuji’s murder.
The NSO Group also denied participating in a carefully planned undercover operation discovered by the Associated Press in 2019, in which shady agents targeted NSO critics, including Citizen Lab researchers, in an attempt to discredit them.
Last year, an Israeli court dismissed Amnesty International’s attempt to deprive NSO’s export license for lack of evidence.
NSO Group is far from the only commercial spyware vendor. But its behavior has attracted the most attention, and critics say it has good reasons.
Last month, it released its first transparency report, which stated that it had rejected “a sales opportunity of more than $300 million provided by its human rights review process.” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, wrote on Twitter: “If this report is printed, then the paper it is printed on is worthless.”
With the support of Citizen Lab and Amnesty International, a new interactive online data platform created by Forensic Architecture Group catalogs NSO Group activities by country and goal. The organization collaborated with filmmaker Laura Poitras, who was famous for the 2014 documentary “Citizen Four” about the NSA whistleblower Edward Snowden, who provided video narration .
“Stop what you are doing and read this article,” Snowden quoted the consortium’s findings on Twitter on Sunday. “This leak will be the story of this year.”
Since 2019, the British private equity firm Novalpina Capital has controlled a majority stake in NSO Group. Earlier this year, Israeli media reported that the company is considering an initial public offering, most likely to be listed on the Tel Aviv Stock Exchange.