Reports released Sunday indicate that “authoritarian governments” abused the Pegasus software, “hacking 37 smartphones,” according to a Washington Post report.
According to the Guardian, the leak contains a list of more than 50,000 numbers that may be of interest to NSO customers since 2016.
However, the mention of phone numbers in the leaked data does not by itself mean that these devices have been hacked.
The Washington Post said the numbers on the list also belong to heads of state and prime ministers, members of Arab royal families, diplomats and politicians, as well as activists and business leaders.
The list also included journalists from media organizations around the world including Agence France-Presse, Wall Street Journal, CNN, New York Times, Al Jazeera, France 24, Radio Free Europe, Mediapart, El País, l ‘Associated Press, Le Monde. , Bloomberg, The Economist, Reuters and Voice of America, the Guardian said.
According to a forensic analysis by Amnesty’s security lab, two women close to murdered Saudi columnist Jamal Khashoggi have been targeted by spyware Pegasus, according to the Washington Post newspaper. Khashoggi’s fiancee Hatice Cengiz’s phone was infected with the malware days after her assassination at the Saudi consulate in Istanbul in October 2018, the newspaper reported, for which Khashoggi wrote.
Pegasus, a sophisticated surveillance tool developed by the Israeli company, infects the user’s smartphone and steals all information from the phone, including every name and phone number, SMS, email, Facebook message, anything from Skype, WhatsApp, Viber, WeChat and Telegram.
The list did not identify the customers, but reports said many were clustered in 10 countries – Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.
“The surveillance industry works in a cloud of darkness – its products are designed to deceive and avoid guilt,” Natalia Krapiva, technical legal adviser at Access Now, told Al Jazeera.
“Yet we ask ourselves, ‘How could such a thing happen?’ Spyware companies simply cannot be trusted to hold themselves accountable. This story, along with the recent revelations of abuse by Cellebrite and Candiru, is another example of why we urgently need to shine a light on these surveillance companies and the governments that use them.
“The industry has shown that it is incapable of controlling itself and governments are hiding behind national security to excuse these surveillance abuses. We need regulation, transparency and accountability and we need it now, ”she told Al Jazeera.
Amnesty International and Forbidden Stories, a Paris-based nonprofit media organization, first gained access to the leak, which they then shared with media organizations around the world.
— Suchitra Vijayan (@suchitrav) July 18, 2021
NSO, which was previously committed to monitoring abuse of its software, strongly denied what it called “false allegations.”
“NSO Group strongly denies the false allegations made in your report,” he said in a statement released by the Guardian. “Many of which are unsubstantiated theories that raise serious doubts about the reliability of your sources, as well as the basis of your story. “
According to the company, she has good reason to “believe … that the claims … are based on a misleading interpretation of the data disclosed from basic, accessible and obvious information.”
Citizen Lab reported in December that dozens of journalists from Qatar-based Al Jazeera Media Network had their mobile communications intercepted by sophisticated electronic surveillance.
Amnesty International reported in June last year that Moroccan authorities used Pegasus software to insert spyware on the mobile phone of Omar Radi, a journalist convicted of a social media post.
Bilal Kuchay contributed to the New Delhi report