An investigation by a global media consortium based on leaked target data further proves that military-grade malware from Israel’s NSO group is being used to monitor journalists, human rights activists and political dissidents.
From a list of more than 50,000 mobile phone numbers obtained from the Paris-based news non-profit organization Forbidden Stories and human rights organization Amnesty International and shared with 16 news organizations, journalists were able to identify more than 1,000 individuals from 50 countries, who allegedly It is used by NSO customers for potential monitoring.
According to the Washington Post, a member of the consortium, they include 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists, and several heads of state. These reporters work for the Associated Press, Reuters, CNN, Wall Street Journal, Monde, and Financial Times.
NSO Group denied in an email statement that the data on which the report was based was leaked from its servers, “because such data never existed on any of our servers.” It said the Taboo Stories report was “full of errors. Hypotheses and unproven theories”.
The company reiterated its claim to only sell products to the government to combat terrorists and major criminals. Critics call these claims dishonest, and claim that the repeated abuse of Pegasus spyware highlights an almost complete lack of regulation of the private global surveillance industry.
The source of the leak-and how it was certified-has not been disclosed. Although the presence of a phone number in the data does not mean that someone is trying to hack into the device, the consortium stated that it believes the data represents a potential target for NSO government customers. The Post said it identified 37 hacked smartphones on the list. Another consortium member The Guardian reported that Amnesty International found traces of Pegasus infection on the phones of 15 journalists who asked them to check their phones after they found their phone numbers in the leaked data.
The highest number on the list is 15,000. It comes from Mexican mobile phones and accounts for a large proportion in the Middle East. NSO Group’s spyware mainly participates in targeted surveillance in the Middle East and Mexico. According to reports, Saudi Arabia is one of NSO’s customers. There are also mobile phones from France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan on the list.
“The number of journalists identified as targets vividly illustrates how Pegasus is used as a tool to intimidate and criticize the media. This is about controlling public narratives, resisting censorship, and suppressing any dissenting voices,” Amnesty International quoted its Secretary-General Agnes. Karamad said.
Lauren Easton, director of media relations for the Associated Press, said the company “is deeply disturbed to learn that two Associated Press reporters and reporters from many news organizations may be targets of Pegasus spyware.” She said. The Associated Press has taken measures to ensure the safety of its reporter equipment and is investigating.
The consortium’s research results are based on the massive work of cybersecurity researchers, mainly from the Citizens Laboratory of the University of Toronto’s regulatory agency. The National Bureau of Statistics targets set by researchers since 2016 include dozens of Al Jazeera reporters and executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Rady, and a well-known Mexican anti-corruption reporter Carmen Aristegui. According to the Post, her phone number is on the list.
Among the previously documented Mexican targets are more than 20 supporters of soda taxes, opposition politicians, human rights activists investigating mass disappearances, and the widow of a murdered journalist. In the Middle East, the victims are mostly journalists and dissidents, who are allegedly targeted by the governments of Saudi Arabia and the United Arab Emirates.
The consortium’s “Project Pegasus” report supports the allegation that not only authoritarian regimes but also democratic governments including India and Mexico use NSO Group’s Pegasus spyware for political purposes. Its members include the German Le Monde and Süddeutsche Zeitung, and they promised to provide a series of stories based on the leaks.
Pegasus will sneak into the phone to collect personal and location data, and secretly control the smartphone’s microphone and camera. As far as journalists are concerned, this allows hackers to monitor communications between journalists and sources.
The program is designed to bypass detection and mask its activity. The NSO Group’s method of infecting victims has become so complicated that researchers say that it can now be done without any user interaction, the so-called “zero-click” option.
In 2019, WhatsApp and its parent company Facebook sued NSO Group in the US Federal Court in San Francisco, accusing it of using a flaw in the popular encrypted messaging service to target only _ missed calls-about 1,400 users. NSO Group denies these allegations.
The Israeli company was sued last year in two exporting countries, Israel and Cyprus. The plaintiffs included Al Jazeera reporters, as well as other Qatar, Mexican and Saudi journalists and activists, who said the company’s spyware was used to invade them.
Several of these lawsuits largely used material leaked to the editor of Qatari newspaper Al-Arab, Abdullah Al-Athbah, and one of the alleged victims. The material appears to indicate that officials in the United Arab Emirates are discussing whether to hack into the phones of senior figures in Saudi Arabia and Qatar, including members of the Qatar royal family.
NSO Group did not disclose its customers and stated that it would sell its technology to the government approved by Israel to help them target terrorists and break down pedophile groups and sex trafficking and drug trafficking groups. The company stated that its spyware was not designed and licensed to deal with human rights activists or journalists. It says it has helped save thousands of lives in recent years. It denied any connection between its technology and Kashuji’s murder.
The NSO Group also denied participating in a carefully planned undercover operation discovered by the Associated Press in 2019, in which shady agents targeted NSO critics, including Citizen Lab researchers, in an attempt to discredit them.
Last year, an Israeli court dismissed Amnesty International’s attempt to deprive NSO’s export license for lack of evidence.
Amnesty International spokesperson Gil Naveh said of the company: “They are the most dangerous cyber weapons we know and they are not properly monitored.”
NSO Group is far from the only commercial spyware vendor. But its behavior has attracted the most attention, and critics say it has good reasons.
Last month, it released its first transparency report, in which it stated that it had rejected “a sales opportunity of more than US$300 million due to its human rights review process.” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, wrote on Twitter: “If this report is printed, then the paper it is printed on is worthless.”
With the support of Citizen Lab and Amnesty International, a new interactive online data platform created by Forensic Architecture Group catalogs NSO Group activities by country and goal. The organization collaborated with film producer Laura Poitras, who was famous for the 2014 documentary “Citzenfour” about the US National Security Agency whistleblower Edward Snowden (Edward Snowden). Provide video narration.
Since 2019, the British private equity firm Novalpina Capital has controlled a majority stake in NSO Group. Earlier this year, Israeli media reported that the company is considering an initial public offering, most likely to be listed on the Tel Aviv Stock Exchange.
© 2021 Canadian Press
