Israeli Company's Pegasus Spyware Abused For Spying On Journalists, Political Activists, Top Officials

Israeli Company’s Pegasus Spyware Abused For Spying On Journalists, Political Activists, Top Officials

An investigation into a data leak revealed that spyware developed by an Israeli software company NSO Group is abused by various actors to surveil thousands of heads of state, activists, journalists, and lawyers around the world in violation of human rights.

More than 80 journalists from 10 countries have taken part in investigating human rights abuses. The operation dubbed the “Pegasus Project” was coordinated by a non-profit Forbidden Stories and Amnesty International.

“The Pegasus Project lays bare how NSO’s spyware is a weapon of choice for repressive governments seeking to silence journalists, attack activists and crush dissent, placing countless lives in peril,” Amnesty International’s Secretary-General, Agnès Callamard, said.

The findings of the report reveal that NSO’s spyware is not only used by legitimate law enforcement agencies to investigate terrorist activities, as the software company claims, and show how NSO’s technology facilitates systemic abuses. “They paint a picture of legitimacy, while profiting from widespread human rights violations,” Callamard added.

The NSO Group’s surveillance software is called “Pegasus.” When installed on the victim’s iPhone or Android device, it can harvest SMS messages, emails, calls, contact information, and chat messages from apps like WhatsApp, Telegram, and Signal, and turn on the phone’s microphone and camera for eavesdropping.

The NSO Group’s product, which is used by governments around the world, is typically installed through an exploit in common apps or via a malicious link.

From 2014 up to July 2021, the list of victims included over 600 politicians and journalists from over 50 countries.

According to Bill Marczak of Citizen Lab, the NSO Group can easily break into the latest iPhones by exploiting the security flaw in iMessage that’s not fixed by iOS 14’s new security framework.

“All this indicates that NSO Group can break into the latest iPhones,” Citizen Lab’s Bill Marczak said in a series of tweets. “It also indicates that Apple has a MAJOR blinking red five-alarm-fire problem with iMessage security that their BlastDoor Framework (introduced in iOS 14 to make zero-click exploitation more difficult) ain’t solving.”

Of the devices tested, 23 were infected with the Pegasus software. Some devices exhibited signs of attempted exploitation, the Washington Post said in a detailed report.

Export controls have failed to prevent the exploitation of our phones, said Edward Snowden, the former US intelligence contractor who leaked details of the country’s surveillance programs:

“The coming week’s stories about the global hacking of phones identical to the one in your pocket, by for-profit companies, make it clear that export controls have failed as a means to regulate this industry,” U.S. whistleblower Edward Snowden tweeted. “Only a comprehensive moratorium on sales can remove the profit motive.”

In response to all this, the Israeli company denied “the false allegations” and noted that it’s only doing its work on a “life-saving mission” to locate missing children, disrupt sex trafficking rings, locate survivors in collapsed buildings, etc.

“After checking their claims, we firmly deny the false allegations made in their report,” NSO claimed. “Their sources have supplied them with information which has no factual basis, as evident by the lack of supporting documentation for many of their claims. In fact, these allegations are so outrageous and far from reality, that NSO is considering a defamation lawsuit.”

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.