The Guardian: Governments hack 50,000 phones, including politicians and journalists


The British newspaper “The Guardian” published a report in which it revealed that the “Israeli” NSO company sold Pegasus spyware to authoritarian regimes that was used to spy on activists, politicians and journalists. “A large number of human rights activists, journalists and lawyers around the world have been pursued by their authoritarian and authoritarian governments, and have been the target of spying by those governments that used hacking software sold by the Israeli monitoring company NSO Group, according to a special investigation into a data leakage operation. The investigation, conducted by Britain’s Guardian newspaper and 16 other media organizations, points to widespread and ongoing misuse of NSO’s Pegasus hacking spyware, which insists that these “software” are only for use against criminals and terrorists. “Malware” that infects iPhone and Android devices to enable operators of this program (Pegasus) to secretly extract messages, photos, emails, even record calls and activate microphones. The data leak contains a list of more than 50,000 phone numbers believed to be identified as Figures of people of interest by NSO clients since 2016. Initially, Forbidden Stories, a media organization, managed A Paris-based non-profit organization, Amnesty International, gained access to the leaked list, and shared this information with media partners as part of Project Pegasus, a journalistic consortium. The presence of a phone number in the leaked database does not prove whether the device was infected with Pegasus or just the subject of a hacking attempt. However, the press consortium believes that the leaked data is a “signal” to the potential targets of NSO’s government clients that were previously identified as the subject of potential surveillance. Surveys of a limited number of phones whose numbers appeared in the leaked list showed that more than half of these phones were exposed to the Pegasus spyware. In the coming days, the Guardian and its media partners will reveal the identities of the people whose numbers appeared on the list. They include hundreds of business executives, religious figures, academics, NGO employees, union and government officials, and even ministers, presidents, and prime ministers. The list also contains the phone numbers of family members very close to a ruler, suggesting that this ruler may have instructed his own intelligence agencies to explore the possibility of monitoring his relatives. Details of the scandal begin Sunday, with the disclosure of the presence of more than 180 journalists included in the database, including reporters, editors and CEOs of the Financial Times, CNN, The New York Times, France 24 and The Economist. Economist), as well as Reuters and the Associated Press. The phone number of Mexican Cecilia Pineda Berto (freelance reporter) was found on the list. It appears that Pineda Berto was targeted by a Mexican agent in the last weeks leading up to his murder, after his killer managed to locate him in a car wash. Pineda Berto’s phone was never found, so criminal agencies were unable to determine or determine whether the phone had been exposed to the Pegasus spyware. NSO said that even if Pineda Berto’s phone was targeted, this does not mean that the data collected from his phone contributed in any way to his killing, stressing that governments could have discovered Pineda Berto’s location by other means. Twenty-five Mexican journalists were apparently selected as candidates for probation over a two-year period. Without a definitive report from forensic experts, it is impossible to determine whether the phones were subjected to a successful hacking attempt using Pegasus. In statements issued by its attorneys, NSO denied what it said were “false allegations” made about its clients’ activities. But it said it would “continue to investigate all credible allegations of abuse and take appropriate action.” She said the database could not be a list of numbers “targeted by governments using Pegasus,” and called the 50,000 figure “exaggerated”. NSO sells its software only to militaries (11%), law enforcement agencies (38%), and intelligence agencies and agencies (51%) in 40 unnamed countries. It says it carefully examines its clients’ human rights records before allowing them to use its spying tools. The work of NSO is directly and closely regulated by the Israeli Ministry of Defense, granting individual export licenses before allowing the sale of special surveillance technology to a new country. Last month, NSO released a transparency report in which it claimed to have a pioneering approach to human rights. It has published excerpts from contracts with its customers, and claims that these contracts state that customers should use its products only in criminal investigations and national security. There is no indication that NSO agents have also not used Pegasus software in terrorism and crime investigations, the Media Consortium has also found numbers in the database of criminals and suspects. However, the wide range of figures on the list, which belong to people apparently unrelated to crime, indicates that some NSO clients are breaching their contracts with the company, using the devices they purchase to spy on pro-democracy activists and journalists investigating corruption, as well as Political opponents and anyone who criticizes governments. This hypothesis is supported by the results of forensic analyzes conducted on the phones of a small sample of journalists, human rights activists and lawyers whose numbers appeared on the leaked list. The research, conducted by Amnesty International’s Security Lab, a technology partner in the Pegasus project, found traces of Pegasus software on 37 of the 67 phones examined. The analysis also revealed some correlations between the time and date of entering a listed number and the initiation of Pegasus software activity on the device, which in some cases occurred after only a few seconds.AI shared its forensic work on four iPhones with Citizen Lab, a University of Toronto research group that studies Pegasus software, which confirmed it showed signs of Pegasus virus infection. Citizen Lab also conducted a peer review of AI’s forensic methods, finding them intact. The Press Consortium’s analysis of the leaked data identified at least 10 governments believed to be NSO clients who were entering numbers into the system: Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates. Analysis of the data indicates that the NSO’s client country that chose the largest number of monitored numbers—more than 15,000—was Mexico, where several different government agencies are known to have purchased Pegasus. The analysis also indicated that both Morocco and the United Arab Emirates chose more than 10,000 numbers. The phone numbers selected spanned, perhaps before the start of the monitoring, to more than 45 countries across four continents. There were more than 1,000 numbers in European countries that, the analysis indicated, were chosen by NSO customers. The presence of a number in the data does not mean that there was an attempt to target the phone with spyware. According to NSO, there are other possible purposes for recording numbers in the list. Rwanda, Morocco, India and Hungary all denied using Pegasus to hack the phones of individuals on the list. The governments of Azerbaijan, Bahrain, Kazakhstan, Saudi Arabia, Mexico and the United Arab Emirates did not accept any comment. Project Pegasus is likely to spark discussions about the surveillance and espionage work of some governments in several countries suspected of using this technology. The investigation notes that Viktor Orban’s government in Hungary appears to have deployed NSO technology as part of the so-called “war on media”, targeting investigative journalists in the country, as well as the inner circle of one of Hungary’s few independent media executives. The leaked data and criminal investigation analyzes also indicate that the NSO spy tool was used by Saudi Arabia and its close ally, the UAE, to monitor the phones of close associates of Saudi journalist Jamal Khashoggi – who worked for The Washington Post – during the months following his murder inside a consulate. country in Istanbul. The Turkish public prosecutor, who is investigating Khashoggi’s murder, was also a candidate for targeting. In this regard, Claudio Guarnieri, who runs Amnesty International’s Security Lab, said that once a phone is infected with a Pegasus device, an NSO agent can in fact take control of the phone, enabling it to extract the person’s messages, calls made, and photos taken It stores it, the emails it receives, as well as secretly activates and operates cameras or microphones as well as reads the contents of encrypted messaging applications such as WhatsApp, Telegram and Signal. With access to a phone’s built-in GPS and sensors, Guarnieri added, NSO customers can also secure a history of a person’s past movements and track their real-time location with pinpoint accuracy, for example by determining the direction and speed of the vehicle. The latest developments in NSO’s technology enable it to hack phones with “no click” attacks, which means that a user doesn’t even need to click on virus-carrying links to get their phone infected. Guarnieri identified evidence of NSO exploiting vulnerabilities associated with iMessage, which comes installed on all iPhones, and managed to hack the latest iPhone versions running the latest iOS version. A forensic analysis conducted by his team discovered successful infections and an attempt at Pegasus phones as recently as this month. “Security researchers agree that the iPhone is the most secure mobile device for consumers on the market,” Apple commented. The NSO refused to give specific details about its customers and the people it targets. However, a source familiar with the matter said the average number of annual targets per customer was 112. The source said the company had 45 Pegasus spyware customers. *** What is Pegasus? NSO sells surveillance technology to governments around the world. Its flagship product is Pegasus, a spyware that targets iPhones and Android devices. Once the phone is infected, the Pegasus operator can secretly extract chats, photos, emails, and location data, or activate microphones and cameras without the user’s knowledge. Forbidden Stories, a Paris-based non-profit journalism organization, and Amnesty International gained access to a leak of more than 50,000 phone numbers identified as targets by NSO clients since 2016. Access to the data was then shared with Guardian and 16 other news organizations , including The Washington Post, Le Monde, Die Zeit, Süddeutsche Zeitung. Over 80 journalists worked collaboratively over several months on the investigation, which was coordinated by Forbidden Stories.


Please enter your comment!
Please enter your name here