Activists, journalists and politicians around the world have been spied on using cellphone malware developed by a private Israeli company, reports said on Sunday, sparking fears of widespread violations of privacy and rights.
Use of the software, called Pegasus and developed by the Israeli group NSO, has been reported by the Washington Post, Guardian, Le Monde and other news outlets which collaborated in an investigation into a data breach.
The leak involved a list of up to 50,000 phone numbers that have been identified as people of interest by NSO customers since 2016, according to reports.
Not all of those numbers were subsequently hacked, and news outlets with access to the leak said more details on those compromised would be released in the coming days.
Among the numbers on the list are those of journalists from media organizations around the world, including Agence France-Presse, The Wall Street Journal, CNN, The New York Times, Al Jazeera, France 24, Radio Free Europe, Mediapart, El País, The Associated Press, Le Monde, Bloomberg, The Economist, Reuters and Voice of America, the Guardian said.
The use of the software to hack the phones of Al-Jazeera reporters and a Moroccan journalist has already been reported by Citizen Lab, a research center at the University of Toronto, and Amnesty International.
Among the numbers found on the list were two belonging to women close to Saudi-born journalist Jamal Khashoggi, who was murdered by a Saudi squad in 2018.
The list also included the number of a Mexican freelance journalist who was later murdered in a car wash. His phone was never found and it was not clear if he had been hacked.
The Washington Post said the numbers on the list also belong to heads of state and prime ministers, members of Arab royal families, diplomats and politicians, as well as activists and business leaders.
The list did not identify the customers who had entered the numbers on it. But reports said many were clustered in 10 countries – Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.
The Guardian wrote that the investigation suggests “widespread and continued abuse” of Pegasus, which NSO says is intended for use against criminals and terrorists.
Amnesty International and Forbidden Stories, a Paris-based nonprofit media organization, first gained access to the leak, which they then shared with media organizations.
NSO, a leader in the growing and largely unregulated private spyware industry, has previously committed to policing the abuse of its software.
He called the allegations exaggerated and unfounded, according to the Washington Post, and would not confirm the identities of his clients.
Citizen Lab reported in December that dozens of journalists from the Qatari Al-Jazeera network had their mobile communications intercepted by sophisticated electronic surveillance.
Amnesty International reported in June last year that Moroccan authorities used NSO’s Pegasus software to insert spyware on the mobile phone of Omar Radi, a journalist convicted of a social media post.
© 2021 AFP