Ride the Lightning

The Pegasus Project: Israel Spyware Used to Hack Phones of Journalists and Activists Globally

July 20, 2021

News of the existence of the Pegasus Project has spread like wildfire. As the Washington Post reported, military-grade spyware leased by the Israeli firm NSO Group to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and the two women closest to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners led by the Paris-based journalism nonprofit Forbidden Stories.

In a separate story, the Washington Post explained the genesis of the Pegasus Project: “The project was conceived by Forbidden Stories, a Paris-based journalism nonprofit, which, along with Amnesty International, a human rights group, had access to records that formed the basis of our reporting: a list of more than 50,000 cellphone numbers concentrated in countries known to surveil their citizens and also known to have been clients of NSO Group, a private Israeli firm that is a worldwide leader in the field of private surveillance. NSO is the developer of Pegasus, a powerful spyware tool, and says it has 60 government agency clients in 40 countries, which it will not name. The company says that it licenses its software only to vetted governments and that Pegasus is meant to be targeted at criminals — drug dealers, terrorists, pedophiles — not ordinary citizens.”

Here are key takeaways from the investigation:

Thirty-seven targeted smartphones were on a list of more than 50,000 numbers concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of NSO Group. The list does not identify who put the numbers on it, or why, and it is unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 phones shows that many display a tight correlation between time stamps associated with a number on the list and the initiation of surveillance attempts, in some cases as brief as a few seconds.

The numbers on the list are unattributed, but reporters identified more than 1,000 people in more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials — including cabinet ministers, diplomats and military and security officers, as well as several heads of state and prime ministers. The purpose of the list could not be conclusively determined.

The targeting of the 37 smartphones would appear to conflict with the stated purpose of NSO’s licensing of the Pegasus spyware, which the company says is intended only for use in surveilling terrorists and major criminals. The evidence extracted from these smartphones, revealed now for the first time, calls into question pledges by the Israeli company to police its clients for human rights abuses. NSO Chief Executive Shalev Hulio said on July 18 that he was “very concerned” by The Post’s reports. “We are checking every allegation, and if some of the allegations are true, we will take stern action, and we will terminate contracts like we did in the past.” He added, “If anybody did any kind of surveillance on journalists, even if it’s not by Pegasus, it’s disturbing.”

The discovery on a list of phone numbers of 37 smartphones that had been either penetrated or attacked with Pegasus spyware reignites the debate over whether Apple has done enough to ensure the security of its devices, popular around the globe for their reputation for resisting hacking attempts. Thirty-four of the 37 were iPhones.

Among the 37 phones confirmed to have been targeted, 10 were in India and another five in Hungary, most linked to journalists, activists or businesspeople. The finding will add to concerns about extralegal government surveillance conducted with private spyware in both countries. Hundreds more numbers from India and Hungary appear on the broader global list. Each country says it acts legally in carrying out any surveillance activity.

NSO Group’s Pegasus spyware, licensed to governments around the globe, can infect phones without a click. Beyond the personal intrusions made possible by smartphone surveillance, the widespread use of spyware has emerged as a leading threat to democracies worldwide, critics say.

I do not know how Pegasus works – hoping to learn more in the coming days. But this is a perfectly predictable threat and I am glad to see so many journalists and others banding together to get this information out in the open.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email:  Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson