Boston (AP) —A Global Media Consortium Study Based on Leaked Targeting Data Finds Military-grade Malware from Israel-based NSO Group, the World’s Most Notorious Hacker Hiring Costume, to Spy Journalists Provides further evidence that it is being used, human rights activists and political opponents. From a list of over 50,000 mobile phone numbers obtained by Paris-based
Boston (AP) —A Global Media Consortium Study Based on Leaked Targeting Data Finds Military-grade Malware from Israel-based NSO Group, the World’s Most Notorious Hacker Hiring Costume, to Spy Journalists Provides further evidence that it is being used, human rights activists and political opponents.
From a list of over 50,000 mobile phone numbers obtained by Paris-based journalism nonprofit Forbidden Stories and human rights group Amnesty International and shared with 16 media outlets, journalists identify more than 1,000 individuals in 50 countries. I was able to. NSO client for potential monitoring.
According to the Washington Post, a member of the consortium, they have 189 journalists, more than 600 politicians and government officials, at least 65 executives, 85 human rights activists, and several heads of state. It contains. Journalists work for organizations such as The Associated Press, Reuters, CNN, The Wall Street Journal, Lemond, and the Financial Times.
Amnesty International is also a forensic researcher, Hati Jessenjiz, the fiancée of post-journalist Jamal Khashoggi, just four days after the NSO Group’s flagship product, Pegasus Spyware, was killed at the Saudi Consulate in Istanbul in 2018. Reported that it was determined to have been successfully installed on the phone. Previously, he was involved with other Khashoggi spies.
In an email statement, the NSO Group denied that the data on which the report was based was leaked from the server. “Because such data did not exist on any server.” It called the forbidden story report “full of false assumptions and unsubstantiated theories.”
The company reiterated its claim that it only sells to the government for use against terrorists and major criminals. Critics call these allegations dishonest and say that repeated abuse of Pegasus spyware underscores the near-complete lack of regulation of the private sector’s global surveillance industry.
The cause of the leak and its authentication method have not been clarified. Although the data did not attempt to hack the device just because it contained a phone number, the consortium said it believed the data was a potential target for NSO government clients. According to the post, 37 hacked smartphones on the list were identified. Another consortium member, Guardian, reported that Amnesty International had found evidence of a Pegasus infection on the mobile phones of 15 journalists.
The largest number on the list, 15,000, is Mexican phones, which have a large share in the Middle East. NSO Group spyware is primarily concerned with targeted surveillance in the Middle East and Mexico. Saudi Arabia is reported to be one of the NSO clients. The list also included phones from countries such as France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan.
“The number of journalists identified as targets clearly shows how Pegasus is used as a tool to intimidate important media. It controls public stories and resists scrutiny. , Suppressing dissenting opinions, “Amnesty International quoted as its Executive Director, Agnes Caramard.
The consortium’s findings are based primarily on extensive research by cybersecurity researchers at the University of Toronto-based Watchdog Citizen Lab. NSO targets identified by researchers since 2016 include dozens of Al Jazeera journalists and executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Radiand and Mexico’s prominent anti-corruption. Includes reporter Carmen Alistegi. Her phone number was on the list, the post reported.
Among the more than 20 previously documented Mexican targets are sugar tax supporters, opposition politicians, human rights activists investigating mass disappearances, and the widow of murdered journalists. In the Middle East, the victims were primarily opponents of journalists and were allegedly targeted by the Saudi Arabian government and the United Arab Emirates government.
The consortium’s “Pegasus Project” report supports the accusations that not only the dictatorship but also democratic governments, including India and Mexico, used the NSO Group’s Pegasus spyware for political purposes. Its members, including Le Monde of Germany and the Süddeutsche Zeitung, promise a series of stories based on leaks.
Pegasus breaks into your phone, vacuums your personal and location data, and secretly controls your smartphone’s microphone and camera. For journalists, it allows hackers to spy on reporters’ communication with sources.
The program is designed to bypass detection and mask its activity. The method of infecting victims of the NSO Group is so sophisticated that researchers say it is now possible to infect without user intervention. This is the so-called “zero click” option.
In 2019, WhatsApp and its parent company, Facebook, sued the NSO Group in a US federal court in San Francisco, accusing it of exploiting a flaw in a popular encrypted messaging service to target about 1,400 users. did. The NSO Group denies the accusation.
An Israeli company was sued last year in Israel and Cyprus, which are exporting products. Plaintiffs include Al Jazeera journalists, as well as other Qatar, Mexican, and Saudi journalists and activists who say the company’s spyware was used to hack them.
Some of the proceedings make extensive use of leaked material provided to Abdullah Al-Athbah, the editor of the Qatar newspaper Al-Arab and one of the alleged victims. This document seems to indicate that UAE officials are discussing whether to hack the phones of seniors in Saudi Arabia and Qatar, including members of the Qatar royal family.
The NSO Group does not disclose its customers and states that it will sell its technology to Israeli-approved governments to help target terrorists and dismantle the pedophile circle and the sexual and drug trafficking circle. The spyware states that it has not been designed or licensed for use by human rights activists or journalists. In recent years, it has been said to have helped save the lives of thousands of people. It denies that the technique was somehow associated with the killing of Khashoggi.
The NSO Group has also denied involvement in the elaborate masked operations revealed by AP in 2019.
Last year, an Israeli court dismissed Amnesty International’s proceedings to strip NSO’s export license because of insufficient evidence.
Amnesty International spokesman Gil Nabe said of the company: “These are the most dangerous cyberweapons we know of and are not properly monitored.”
NSO Group is not the only commercial spyware merchant. But that behavior has received the most attention, and critics say it’s a good reason.
Last month, the company released its first transparency report, stating that it rejected “more than $ 300 million in sales opportunities as a result of the human rights review process.” “If this report were printed, it wouldn’t be worth the printed paper,” tweeted Eva Galperin, director and critic of cybersecurity at the Electronic Frontier Foundation.
Created by the Group Forensic Architecture with the support of Citizen Lab and Amnesty International, a new interactive online data platform catalogs NSO Group activities by country and target. The group has partnered with Laura Poitras, the best-known filmmaker in the 2014 documentary Citzenfour on NSA whistleblower Edward Snowden, who provides video narration.
Since 2019, UK private equity firm Novalpina Capital has managed a majority stake in the NSO Group. Earlier this year, Israeli media reported that the company was probably considering an initial public offering on the Tel Aviv Stock Exchange.