An investigation by an international newspaper consortium, published on Sunday (18), found that software created by an Israeli company capable of hacking phones could be used in several countries to spy on thousands of people, including journalists, opposition activists and politicians.
The software at the heart of the investigation is the Pegasus spyware, which was created by Israeli tech company NSO and designed to track down criminals and terrorists. The system is sold to up to 60 military, intelligence and security agencies in 40 countries around the world.
The investigation was carried out in collaboration by more than 80 journalists from 17 media, including the American Washington Post and the British The Guardian, with the help of Amnesty International and the French NGO Forbidden Stories. They had access to a list of over 50,000 phone numbers in over 45 countries that are potential spy targets.
Investigators believe that these figures, recorded since 2016, come from people of interest of government clients of the NSO group. The data contains the date and time when it was selected and entered into the system. “While the data indicates intent, the presence of a number on the list does not reveal whether a successful spyware phone hacking attempt such as NSO’s Pegasus was made,” the Guardian explains.
A forensic analysis carried out by Amnesty International on a small sample of 67 phone numbers indicated a correlation between the date of registration and the start of Pegasus activities on these phones.
Of the 67 cell phones analyzed by Amnesty International, 23 had been successfully hacked and 14 showed signs of attempted hacking. For the other 30, the tests were inconclusive.
How the program works
Pegasus is spyware, monitoring software, that can invade cell phones that are running Android and iOS operating systems without the device owner noticing.
After infecting a device, Pegasus is able to copy sent or received messages, collect photos, record calls, and even access the cell phone’s camera and microphone to make secret recordings. The program can also monitor the user’s location.
The oldest known version of the program, dating from 2016, forced the owner of the cell phone to click on a malicious link sent by message or email in order for the device to be hacked. Now Pegasus can break into cell phones without the need for clicks or interaction from the phone owner.
To do this, the program exploits vulnerabilities in the operating system or commonly used applications. The program code can be installed simply with a call via WhatsApp, for example, even if the person does not answer the call.
Once installed, the program can access virtually any data on the cell phone and transmit it to anyone who monitors it. This includes SMS messages, emails, photos and videos, GPS location, calendar, contacts, and even messages from programs with end-to-end encryption such as WhatsApp. Additionally, spyware can activate the microphone, camera, and record calls.
who are the targets
Phone numbers on the list that are believed to be numbers selected by customers using the Israeli company’s spyware include journalists, activists, judges and politicians. Among the potential targets identified by the investigation are 180 journalists, including major media such as the New York Times and the Financial Times.
At least 50 people close to Mexican President Andrés Manuel López Obrador, including his wife, children, advisers and a doctor, are on the list, which contains more than 15,000 people from Mexico. The recordings were made during the government of former President Enrique Peña Nieto. Possible Mexican targets include politicians from all parties, lawyers, journalists, activists, diplomats, teachers, doctors, academics as well as priests, victims of state-sponsored crimes and children of public figures.
The spyware was also allegedly used to spy on people close to Saudi journalist Jamal Khashoggi, who was murdered at a consulate in Turkey, according to the report. According to forensic analyzes, the phones of the two women closest to the journalist were targeted by the program. The Android device of his then wife Hanan Elatr was the subject of a hack attempt six months before the murder, but the analysis could not determine whether the hack was successful. Khashoggi’s fiancée Hatice Cengiz’s iPhone was invaded by spyware days after the journalist’s death, according to the analysis.
What Israel’s NSO Company and Cited Governments Say
ONS claims to sell its tools to 60 clients in 40 countries, but does not identify them. Investigative journalists have identified that the governments of ten countries should be responsible for selecting targets: Saudi Arabia, Azerbaijan, Bahrain, Kazakhstan, United Arab Emirates, Hungary, India, Morocco, Mexico and Rwanda.
The NSO group issued a statement to investigative newspapers denying the allegations in the reports. The company said it did not have access to data on its customers’ targets and that the news consortium had drawn “incorrect conclusions” about customers using the company’s technology.
The Israeli company also said the number of 50,000 targets was “exaggerated” and the list may not match government target phones using Pegasus.
Lawyers for NSO said they had reason to believe that the list viewed by reporters “is not a list of numbers targeted by governments using Pegasus, but may be part of a larger list of numbers that may have been used by NSO customers for other purposes “.
So far, the governments of Rwanda, Hungary, Morocco and India have already answered questions from the press. The press releases can be read in their entirety on the websites of the newspapers participating in the consortia.