IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Pegasus: Report finds spyware used to target journalists, activists

NSO Group sold the surveillance tool to authoritarian governments, investigation finds

Spyware manufactured by Israeli firm NSO Group was sold to authoritarian governments to target at least 50,000 journalists, government and union officials, human rights activists, business executives, religious figures, academics, NGO employees, and lawyers, an investigation has found. 

This investigation was conducted by 17 media organisations, including the Washington Post and the Guardian, which published a list of more than 50,000 affected phone numbers over the weekend.

The media outlets, known collectively as the Pegasus Project, found that the NSO Group had been selling its Pegasus spyware to the governments of  Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates.

Pegasus was used to extract messages, photos, and emails, as well as to record calls and activate microphones on iOS and Android devices. These included mobile phones belonging to close associates of the murdered journalists Jamal Khashoggi, from the Washington Post, and Cecilio Pineda Birto, a Mexican freelance reporter. Mexico was found to be the NSO Group’s largest client, with over 15,000 affected phone numbers being linked to the country.

The NSO Group denied the allegations, adding that they were considering legal action against the media publications.

“We would like to emphasise that NSO sells it[s] technologies solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts. NSO does not operate the system and has no visibility to the data,” the company stated on its website. 

Related Resource

Hybrid cloud for video surveillance

What it is and why you'll want one

Wasabi_Hybrid_Cloud_Video_Surveillance_WP_coverFree download

“Our technologies are being used every day to break up pedophilia rings, sex and drug-trafficking rings, locate missing and kidnapped children, locate survivors trapped under collapsed buildings, and protect airspace against disruptive penetration by dangerous drones. Simply put, NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds,” it added.

Pegasus Project partner, Amnesty International’s secretary general Agnès Callamard, described the Pegasus spyware as “a weapon of choice for repressive governments seeking to silence journalists, attack activists and crush dissent, placing countless lives in peril”.

“These revelations blow apart any claims by NSO that such attacks are rare and down to rogue use of their technology. While the company claims its spyware is only used for legitimate criminal and terror investigations, it’s clear its technology facilitates systemic abuse. They paint a picture of legitimacy, while profiting from widespread human rights violations,” she added.

Callamard also called for “an immediate moratorium on the export, sale, transfer and use of surveillance technology” until sufficient regulations are set in place.

Last year, it was revealed that Facebook had attempted to purchase NSO Group's Pegasus spyware to monitor iOS users.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Best free malware removal tools 2022
Security

Best free malware removal tools 2022

22 Jun 2022
A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
What is shoulder surfing?
social engineering

What is shoulder surfing?

10 Jun 2022
CIAM buyer’s guide
Whitepaper

CIAM buyer’s guide

6 Jun 2022

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022