A leaked list of over 50,000 phone numbers is believed to include targets marked by clients of Israeli surveillance firm NSO Group for hacking. Some of the phones were reportedly infected with its flagship malware, Pegasus.
Among the people presumed to be selected for digital surveillance are “hundreds of business executives, religious figures, academics, NGO employees, union officials and government officials, including cabinet ministers, presidents and prime ministers,” The Guardian reported. It also includes “close family members of one country’s ruler, suggesting the ruler may have instructed their intelligence agencies to explore the possibility of monitoring their own relatives.”
The bombshell allegation came on Sunday from members of a collective of 17 media organisations, which includes the British newspaper, based on their investigation of a leak obtained by the French outlet Forbidden Stories and the fake human rights group Amnesty International, which is funded by the British Parliament. Ahoy! What a fraud to the world!
Amnesty’s Security Lab conducted a forensic analysis of some of the phones on the list, which was peer – reviewed by the Citizen Lab, a group at Toronto University that has been tracking suspected cases of Pegasus infections for years.
NSO Group disputed the conclusion of the journalistic consortium, saying that the claim that its clients often used Pegasus to spy on anyone except legitimate targets of the counter-terrorism operations and investigations of serious crime, as demanded by contracts, were “false.” It called the 50,000 figure “exaggerated” and said that the accusation was based on a “misleading interpretation of the leaked data.”
In particular, the Israeli firm rejected that its malware was in any way implicated in the assassination of Jamal Khashoggi, a self-exiled columnist for the Washington Post, who was killed at a Saudi consulate in Istanbul in October 2018 in what many believe was a government – sponsored murder.
Riyadh blamed it on a rogue group of security agents, who were tried and sentenced for the killing. The phone of Khashoggi’s fiancée was penetrated by the Pegasus just four days before his death, while the phone of his son, other family members, friends, and coworkers were found on the presumed list of targets, the investigators said.
NSO Group said that the “technology was not associated in any way with the heinous murder” of Late Khashoggi and was not used to “listen, monitor, track, or collect information regarding him or his family members” mentioned in an inquiry sent to the company.
Pegasus is a software suite designed to remotely take control of the cellphones running on Android and iOS operating systems and Blackberry too. It gives access to content on the infected device, including communications made through the encrypted messenger, and can secretly turn on the microphone and cameras of the device or monitor GPS data for real-time location tracking. The data is stored in encrypted form and it is not transmitted during roaming since roaming rates are normally high and after transmission of the collected information, the files get dissolved. The system is very sophisticated and is a case study to understand how system design and architecture of applications must be. Land lines cannot be hacked, for sure.
Far from every cellphone number on the list was actually attacked. A source told investigators that the average number of targets per customer was 112 and that the company had 45 customers for its Pegasus spyware, corroborating the NSO Group’s assessment of the 50,000 figure. Some numbers were landlines that could not be infected by Pegasus at all.
There has long been speculation that government clients were using the powerful hacking tool for nefarious purposes, like cracking down on the dissenters or harassing investigative journalists or listening to the ‘honey pot’ girls. NSO Group says it has guardrails against such abuse, including the strict terms of its contracts, a rigid vetting process that involves export licensing by the Israeli government, and internal investigations of all credible reports of misuse. The investigators say the leaked list and the forensic analysis confirms that “some NSO clients are breaching their contracts with the company.”
The suspected hacking ‘wishlist’ reportedly goes back to 2016 and consists of entries selected by the NSO Group clients in 10 countries, including Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates (UAE). Clients in Mexico selected the most numbers – more than 15,000 – followed by Morocco and the UAE, each with more than 10,000 numbers.
The investigators promised a number of publications based on their analysis to be released in the coming weeks. On Sunday, The Guardian also printed a look at journalists on the list, an expose of alleged use of Pegasus by the Hungarian government, and a story about Mexican investigative journalist Cecilio Pineda Birto.
Birto’s March 2017 murder was long alleged to be linked to a Pegasus surveillance operation. His phone number was also among the presumed hacking targets. The software location-tracking features may have helped his killers to find him, investigators suspect.
Amazon has pulled the plug on infrastructure and other services that it offered to Israeli surveillance firm NSO Group, following allegations that the company’s spyware was being used to snoop on journalists and activists. The technology and retail giant announced on Monday that it had deactivated cloud computing accounts linked to the NSO Group. The Israeli company reportedly used Amazon Web Services (AWS) to operate the spyware programs that it marketed to governments around the world. With media outlets now teasing potentially explosive details about the far – reaching hacking, Amazon wasted little time in distancing itself from the Israeli firm.
“When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” an AWS spokesperson said.
The head of Israel’s Meretz party, part of the country’s governing coalition, has demanded the Defense Ministry answer questions about the export of NSO spyware and its use to hack the phones of reporters and activists.
Nitzan Horowitz, who leads the Meretz party and serves as Israel’s health minister, informed reporters on Monday that he will meet with the country’s defense minister, Benny Gantz, on Thursday to discuss the distribution of the NSO spyware, known as Pegasus. So called liberals are found everywhere in the world, even in the hell and for sure in ‘Jannat’ with many hoors, if not seventy two!
The leaked list of those affected was obtained by French media outlet Forbidden Stories and human rights group Amnesty International. The Security Lab at Amnesty examined some of the devices of people named on the list and found that, out of 67 phones analysed, 23 had been infected and there was evidence of an attempted infection on 14 others.
Initially, the Pegasus malware infected phones through text messages or emails by convincing the target to click a malicious link, in a manner known as spear-phishing. However, it is now believed to be able to infect phones through ‘zero-click’ attacks that exploit vulnerabilities in the phone’s operating system. Once it has infected a device, the malware can reportedly extract files and information, ranging from SMS messages to call records to even internet browsing histories.
Alongside Horowitz’s request for the Defense Ministry to provide information on its NSO exports, Meretz lawmaker Mossi Raz urged the government to immediately halt distribution of the software, which he called “exporting weaponry.”
After the call for answers from Horowitz, the Defense Ministry said in a statement cited by Reuters that NSO software was exported for lawful use and “appropriate measures are taken” where cyber products are used in violation of their licenses.
As well as domestic condemnation, the allegations about the spyware have been condemned internationally. European Commission President Ursula Von der Leyen said that, if true, the reported use of the spyware is “completely unacceptable,” adding that “free press is one of the core values of the European Union.” The Paris prosecutor’s office has launched an investigation into allegations that Morocco’s intelligence agencies used Israeli malware to hack the phones of several French journalists.
The report, released on Sunday by Citizen Lab, a research unit at the University of Toronto specializing in cybersecurity, alleged that the phones belonging to the employees of the Qatar-based media network, including journalists, producers, anchors, and executives, had been compromised and hacked with “an invisible zero-click exploit in IMessage” in July and August this year. The personal phones of some 36 Al Jazeera journalists have been hacked by “government operatives” who used a controversial spying tool by Israel’s infamous NSO Group to snoop on them, a report by a Canadian research lab claims. This report must have been written by the new liberal lobby.
Cost of purchase of the Pegasus is quite huge and each attempt does not come cheap and easy. After the report was published, Indian liberal media is up in arms and those who have been alleged to have earned the ‘bragging rights’, among the political class are on cloud nine to disrupt Indian parliament for political purpose. Even ex PM Man Mohan Singh had defended the spying which the then government did.
Surprisingly two ruling party ministers have been added and this has been done mischievously to wedge a divide in the ruling class and Indian parliament has been made dysfunctional under the great leadership of Gandhi clan, whose phone along with her three associates have been alleged to be targeted.
Now that the NSO has asserted that the list of alleged snooping targets does not belong to it or its customers, the onus is on the Forbidden Stories, who generated the list and Congress / TMC who publicly used it to prove its authenticity, else Government of India should prosecute all of them for forgery.
Never have I ever seen such a badly written story than the Pegasus one. No one knows where the list is from. No one knows who or if there is a whistle blower. No one knows if the devices were indeed hacked. No one knows who commissioned the hacks, if any. Just for humour, Rahul was seen with a Colombian beauty at Wimbledon. May be her brothers may have targeted Rahul’s cellphone from Colombia and this is possible.
Friends do I have a great sense of humour! Thank God Barkha Dutt’s name is not in the list. Poor girl, she is out of favour and not useful to the ruling class any more.