Reading Time: 3 minutes
Israeli spyware found on smartphones worldwide – used to hack mobile devices of reporters, human rights activists, and fiancee of assassinated Saudi journalist Jamal Khashoggi reveals an investigation by the Washington Post.

According to an investigation by the Washington Post and 16 news agencies, military-grade spyware licensed by Israeli spyware firm NSO Group hacked more than 50,000 smartphones across the world. It is said to have been used to surveil reporters, human rights activists, and business executives.

Pegasus Spyware

The report found NSO’s Pegasus spyware, licensed to governments for tracking criminals and terrorists, used to hack 37 smartphones of journalists and human rights activists.

The NSO’s Pegasus Spyware can literally transform any smartphone into a surveillance device by activating cameras and microphones without the user knowing.

It can also be installed without the user initiating the download itself. Once the smartphone is infected, all the information on the phone, including call records, emails, text messages, and photos, can be accessed.

The report by The Washington Post said more than 50,000 numbers had been believed to be targeted. The complete list was shared with the news agencies by Forbidden Stories and Amnesty International.

According to the list, 15,000 numbers were in Mexico belonging to journalists, union representatives, and politicians. 300 targeted smartphones were reported in India, including journalists from major publications like the Hindustan Times, The Hindu, and the Indian Express.

Citizen Lab Report on Pegasus Spyware

The Citizen Lab, a research center at the University of Toronto, previously reported the use of Pegasus spyware to hack phones of reporters and journalists of Al-Jazeera.

Citizen Lab reported in December that more than 40+ journalists at the Al Jazeera network had been targeted by Pegasus.

Similarly, in June 2020, Amnesty International reported that the Moroccan authorities used NSO’s Pegasus spyware on the mobile phone of Omar Radi, a journalist convicted over a 9-month old tweet criticizing a judge.

The media outlets were able to identify more than 1,000 people across 50 countries on the list. It includes members of Arab royal families, business executives, human rights activists, journalists, and politicians, including prime ministers, cabinet ministers, and heads of the state.

NSO’s Pegasus Spyware Linked with Khashoggi’s Assassination

According to the forensic analysis report, evidence suggests that the spyware was used to monitor people close to Jamal Khashoggi before and after his death. The report also revealed that a person close to Khashoggi was hacked four days after his assassination in Turkey with this Israeli spyware.

The investigation points out that this might be an attempt by Saudi Arabia to monitor Khashoggi’s investigation by the Turkish authorities, as the spyware was also found in the phone of Istanbul’s chief prosecutor.

Forensic examination of Khashoggi’s wife, Hanan Elatr’s phone revealed that she received four text messages containing links to Pegasus spyware, disguised as messages from her sister. Elatr said:

“Jamal warned me before that this might happen. It makes me believe they are aware of everything that happened to Jamal through me…I kept my phone on the tea table while Jamal was talking to a Saudi guy twice a week.”

The Citizen Lab also confirmed that Khashoggi’s friend Omar Abdulaziz, a Canadian permanent resident, has also successfully targeted with Pegasus spyware since June 2018.

Amnesty International’s Investigation into Pegasus Spyware

Amnesty International published a report on Pegasus Spyware and how it targets mobile phones. In the report, it is said that Pegasus spyware is a “zero-click” attack that does not require any action from the target. However, it does leave a trace on the infected mobile phone – making it discoverable.

A forensic analysis report on Oman Radi’s phone revealed that when he visited sites like a French Newspaper online, a network injection redirected him through different domains that were infected.

Similarly, phones of other journalists also showed similar records on various apps like iMessage, iPhotos, iCloud and more on iPhones. The infected iPhone 6s was running an iOS 14.4 at the time of the spyware attack. It leads to an increasing amount of vulnerabilities in iOS devices, leading to a sharp rise in the use of VPNs.

While VPNs cannot prevent a spyware attack, they can mask your location and prevent browser fingerprinting and online tracking. The best VPN automatically blocks websites, thus protecting you against most potential malware attacks.

NSO Response

NSO Group denied the finding of the report saying the investigation contains “uncorroborated theories” based on “misleading interpretation of leaked data from accessible and overt basic information.”

They also denied the claim that the Israeli Government has access to NSO’s customer data and monitors all information. Furthermore, NSO stated that their technology is not associated in any way with the murder of Jamal Khashoggi. Their official response was as follows:

“…our products sold to vetted foreign governments, cannot be used to conduct cyber surveillance within the United States, and no customer has ever been granted technology that would enable them to access phones with US numbers.  It is technologically impossible…”

NSO group said that they would continue the investigation into the matter and take appropriate action. NSO Chief Executive, Shalex Hulio, said on Sunday:

“We are checking every allegation, and if some of the allegations are true, we will take stern action, and we will terminate contracts like we did in the past…If anybody did any kind of surveillance on journalists, even if it’s not by Pegasus, it’s disturbing.”

NSO Pegasus spyware is licensed to governments across the world to hack mobile phones for the purpose of surveillance. It is used to surveil terrorists and criminals worldwide.

“The surveillance being reported is an appalling violation of press freedoms, and we strongly condemn it,” said a spokesperson from Bloomberg News. Amidst the increase in cybersecurity threats in 2021,  the investigation leads to important questions that the Israeli government needs to answer, especially regarding its interference in other countries politics.