Military Grade Spyware Targeted Activists and Journalists’ Phones
The list of phone numbers of journalists dates back to 2016, and includes people working for CNN, The Wall Street Journal, The Financial Times, The Associated Press and more.
The spyware known as Pegasus was created by NSO Technologies Group has been used in numerous hacking attempts on smartphones belonging to journalists and human rights activists. NSO is an Israeli tech firm founded in 2010, whose spyware Pegasus allows for the remote surveillance of smartphones and is used by governments to track down potential criminals, terrorists and terrorist activities. The list of phone numbers of journalists dates back to 2016, and includes people working for CNN, The Wall Street Journal, The Financial Times, The Associated Press and more. NSO denies the claims and has said the report is full of wrong assumptions and has uncorroborated stories and have questioned the sources that provided the information.
The investigation into this misuse of software has been dubbed the “Pegasus Project” and is a collaboration of over 80 journalists from around 17 media organizations across 10 countries, and has been organised by Forbidden Stories, a media non-profit based in Paris, as well as tech support from Amnesty International. The investigation found that around 180 journalists and over 600 government officials and politicians have had their phones hacked, across 50 countries and the leaks have spanned 7 years. Rwanda, India, Hungary and Morocco have denied using Pegasus to hack the phones of individuals. "The Pegasus Project lays bare how NSO's spyware is a weapon of choice for repressive governments seeking to silence journalists, attack activists and crush dissent, placing countless lives in peril," Amnesty International's Secretary-General, Agnès Callamard, said.
The tool Pegasus is a cyber-surveillance weapon able to extract all the data from a mobile device and even activate the microphone and camera, allowing the users to listen in on conversations. When covertly installed on iPhone or Android devices it enables an attack that extracts information from emails, text messages, calendars, calls, chat logs from the likes of Telegram, Signal and WhatsApp. It’s sold by NSO to governments over the globe and is generally installed by tricking targets into clicking on malicious links or by exploiting security vulnerabilities in common apps that are previously unknown. A forensic analysis of 67 devices showed that the attacks were carried out by using a ‘zero-click’ exploit, meaning no interaction from the target is needed to infect their devices. One of the compromises were found to have made use of multiple zero-days in iMessage and was able to attack a fully patched iPhone 12 running the newest iOS in July of this year.
"All this indicates that NSO Group can break into the latest iPhones," Citizen Lab's Bill Marczak said in a series of tweets. "It also indicates that Apple has a MAJOR blinking red five-alarm-fire problem with iMessage security that their BlastDoor Framework (introduced in iOS 14 to make zero-click exploitation more difficult) ain't solving."
Worryingly, the Pegasus spy software has been misused like this more than one. In October 2019 WhatsApp had revealed that over 20 lawyers, journalists and activists in India had been the target of unlawful surveillance by having exploited an unpatched vulnerability in the app. WhatsApp has taken the company to court in the US and presented evidence noting that "the attackers used servers and Internet-hosting services that were previously associated with NSO." Also, between July and August last year, Citizen Lab - a research organisation - had discovered that devices owned by 36 Al Jazeera journalists had been hacked using the technology, possibly by governments in the Middle East.
Keep up-to-date with the latest tech industry insights, trends as well as information technologies, app development, and small business content with the Proteams Blog
Follow us on LinkedIn for updates on the latest tech news here