‘Spyware from NSO Group has been used to spy on journalists worldwide’

The Pegasus spyware from the Israeli private espionage company NSO Group has been used in hacking attempts of at least 37 journalists and human rights activists. Seventeen news organizations claim this on the basis of a joint investigation.

The various news organizations, including The Guardian and The Washington Post together set up a consortium called The Pegasus Project. The media knew through human rights organization Amnesty International and journalistic nonprofit Forbidden Stories obtain a list of phone numbers of 50,000 potential surveillance victims of the spyware. The media have jointly examined this list. It is not known how Amnesty and Forbidden Stories obtained the list.

The Washington Post reports that the owners of the phone numbers were not listed by name, but the 17 media organizations managed to identify more than 1,000 people through a joint investigation. Those potential victims were selected between 2016 and June 2021 for possible surveillance via the Pegasus spyware.

The people come from 50 different countries and include at least 65 businessmen, 85 human rights activists and more than 600 politicians and government employees, including ministers, diplomats and military and security officials. Seven members of the Arab royal family were also on the list. The list also included at least 189 journalists, who work at CNN, the Associated Press, The Wall Street Journal, The New York Times, Bloomberg, the Financial Times and Al Jazeera, among others.

Forensics and Response NSO Group

The media organizations have analyzed the list through interviews and research on ‘four different continents’. At the same time, Amnesty’s security lab a forensic investigation with 67 potentially infected smartphones. Of these, 23 were successfully infected with Pegasus and 14 devices showed ‘signs of hacking attempts’.

For the remaining 30, the tests were inconclusive, writes The Washington Post. Fifteen of those phones were Android smartphones. They showed no sign of a successful infection, but according to the medium, Android smartphones do not store the information needed for Amnesty’s investigation, unlike iPhones. Three Android phones did show signs of targeting, for example Pegasus-linked text messages.

NSO Group has told The Guardian responded to the findings of the seventeen media organizations: “NSO Group strongly denies the false claims in your report, which contain many unconfirmed theories that raise serious doubts about the reliability of your sources and the basis of your story,” the company said. NSO Group would consider a lawsuit for defamation, writes The Verge.

NSO Group and Pegasus

Pegasus is spyware that can be used to eavesdrop on smartphone users. The spyware can track smartphone users remotely. For example, The Guardian writes that it can copy a phone’s messages, photos and emails and eavesdrop on conversations by activating the microphone of an infected smartphone.

According to NSO Group, Pegasus is intended to track down potential criminals and terrorists. For example, the company has investigative and intelligence services from more than forty unnamed countries as customers. The company indicates that it thoroughly checks the human rights files of its customers before selling spyware to them.

NSO Group’s Pegasus spyware has often been discredited. Last year, for example, the Canadian research group Citizen Lab claimed that at least 36 journalists from Al Jazeera and the British Al Araby TV were attacked with the Pegasus malware. WhatsApp previously sued NSO Group, because the company’s Pegasus spyware would have been spread to at least 1400 WhatsApp users. Several tech companies and human rights organizations supported WhatsApp in that lawsuit. Amnesty International also sued NSO Group over the Pegasus spyware, but lost that lawsuit earlier this month.