Pegasus: Leaked spyware list reveals thousands of numbers ‘targeted by authoritarian governments’

Data purports to identify a number of governments across the globe as clients of Israeli firm

NSO Group's Pegasus spyware 'used to hack cellphones of journalists, activists'
Leer en Español

Military-grade spyware leased by an Israeli firm – NSO Group – may have been used by authoritarian governments across the world to hack the cell phones of journalists, lawyers, activists and politicians, new leaked data suggests.

An investigation led by the Paris-based nonprofit Forbidden Stories and Amnesty International, who shared the data with several media partners, has identified 50,000 “people of interest” who may have been targeted with NSO spyware known as Pegasus, which the company says is supposed to be used against criminals and terrorists.

Forbidden Stories called this a “new global weapon to silence journalists” and claims that “at least 180 journalists around the world have been selected as targets by clients of the cyber surveillance company NSO Group”. These include reporters, editors and executives at the Financial Times, CNN, The New York Times, France 24, The Economist, the Associated Press and Reuters.

Among the list were also two women who were close to the murdered Saudi journalist Jamal Khashoggi, the investigations revealed.

And the consortium’s analysis of the leaked data identified at least 10 governments believed to be NSO customers who were entering numbers into a system: Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India and the United Arab Emirates (UAE).

NSO Group denied that the 50,000 were targeted with Pegasus spyware and said that the investigation published late on Sunday was “full of wrong assumptions and uncorroborated theories”. It did not deny that some of the data was genuine, but said the numbers may have been used by its clients for other purposes.

Pegasus infects iPhones and Android devices without the user knowing that the spyware has been installed – it can be installed without a click – and helps secretly activate the phone’s microphone, extracts messages, photos, emails and call log details.

A specific number’s presence on the list of 50,000 does not necessarily reveal “whether a device was infected with Pegasus or subject to an attempted hack”, noted the Guardian, one of the media partners given access to the leaked list. However, it added, “the consortium believes the data is indicative of the potential targets NSO’s government clients identified in advance of possible surveillance attempts”.

The consortium sought to verify the list by contacting a number of those involved and running forensic checks on their phones. Amnesty International Security Lab’s forensic analyses found results that were “consistent with past analyses of journalists targeted through NSO’s spyware, including the dozens of journalists allegedly hacked in the UAE and Saudi Arabia and identified by Citizen Lab in December of last year”.

Claudio Guarnieri, director of Amnesty International’s Security Lab, said: “There are a bunch of different pieces, essentially, and they all fit together very well. There’s no doubt in my mind that what we’re looking at is Pegasus because the characteristics are very distinct and all of the traces that we see confirm each other.”

In India, the investigation revealed that at least 40 Indian journalists as well as opposition leaders, two serving government ministers and a sitting Supreme Court justice were selected as targets of an NSO client “that appears to be the Indian government,” according to the analysis of the leaked data.

The Indian government issued a lengthy statement on Sunday in which it neither confirmed nor denied being a client of NSO Group, but rejected the suggestion that it had ever illegally intercepted data and called the right to privacy “a fundamental right”. “The allegations regarding government surveillance on specific people have no concrete basis or truth associated with it whatsoever,” it said.

According to NSO Group’s Transparency and Responsibility report, released in June 2021, the company has 60 clients in 40 countries around the world. And the company maintains that Pegasus is “not a mass surveillance technology, and only collects data from the mobile devices of specific individuals, suspected to be involved in serious crime and terror”.

The consortium said it would publish more details of the identities of individuals whose numbers were included on the leaked list in the coming days.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in