Journalists, lawyers, and human rights activists around the world have been targeted by authoritarian governments using phone malware made by Israeli surveillance firm NSO Group, according to multiple media reports.
An investigation by 17 media organizations and Amnesty International's Security Lab uncovered a massive data leak, indicating widespread and continuing abuse of the commercial hacking spyware, Pegasus, which can infect iPhones and Android devices and enable attackers to extract messages, emails, and media, and record calls and secretly activate microphones.
The leak contains a list of over 50,000 phone numbers that are believed to have been identified by clients of NSO as possible people of interest. Forbidden Stories, a Paris-based nonprofit media organization, and Amnesty International had access to the leaked list and shared that access with media partners as part of reporting consortium the Pegasus project. Forensic tests on some of the phones with numbers on the list indicated that more than half had traces of the spyware.
The company behind the software, NSO, denies any wrongdoing and claims its product is strictly for use against criminals and terrorists, and is made available only to military, law enforcement and intelligence agencies.
In a statement given to media organizations in response to the Pegasus project, NSO said the original investigation which led to the reports was "full of wrong assumptions and uncorroborated theories."
In an earlier version of the spyware, surveillance activity depended on the phone user clicking on a malicious link sent to them in a text or email (so-called "spear-phishing"). However, the most recently discovered version doesn't require interaction from the user and can instead exploit "zero-click" vulnerabilities – bugs or flaws in the OS – to succeed.
For example, Amnesty's Security Lab and Citizen Lab found an iPhone running iOS 14.6 could be hacked with a zero-click iMessage exploit to install Pegasus.
Meanwhile, media organizations involved in the project plan to reveal the identities of people whose number appeared on the list in the coming days. They are said to include hundreds of business executives, religious figures, academics, NGO employees, union officials and government officials. Disclosures which began on Sunday have already revealed that the numbers of more than 180 journalists are already known to be among the data.
WhatsApp sued NSO in 2019 after it alleged the company was behind cyber-attacks on thousands of mobile phones involving Pegasus. NSO denied any criminal wrongdoing, but the company has been banned from using WhatsApp.
Update: Apple has provided the following statement condemning the use of the zero-click exploit against journalists, lawyers, and human rights activists to The Guardian.
Article Link: Report: Pegasus Spyware Sold to Governments Uses Zero-Click iMessage Exploit to Infect iPhones Running iOS 14.6
Last edited:
