NSO | Tracking

In December, new evidence revealed that the Apple iPhone had been successfully hacked by a government user of the NSO group’s Pegasus spyware, and weeks after the tech company Israeli filed a lawsuit in US court, it demanded that it be banned from using Apple to “harm individuals”. Products.

A report released on Tuesday by security researchers from Frontline Defenders (FLT) and the University of Toronto’s Citizen Lab found that the phones of four Jordanian human rights defenders, lawyers and journalists had been hacked by NSO’s government clients. Government Institutions – August 2019 to December 2021.

Even after the company filed a lawsuit against the NSO last November, the news shows that Apple users will continue to be monitored by NSO’s government customers. At the time, Apple said it would file a lawsuit against the NSO and its parent company “to hold them accountable” for “monitoring and targeting Apple users”. It allowed NSO users to infect iPhones with the company’s Pegasus spyware, following the discovery of an exploit by the Citizen Lab at the University of Toronto. Apple said at the time that the vulnerability had been fixed.

The FLD and Citizen Lab report stated that “the goal we have found after the widespread publicity about Apple’s lawsuits and victims’ announcements is particularly significant.

Jordan’s National Center for Cyber ​​Security has “completely denied” the findings of the report. “These allegations are baseless, and Jordan did not cooperate with any agents with the intent of spying on citizens’ phones or auditing their calls,” it told the Associated Press.

An NSO spokesman did not comment on the findings, but said that monitoring any customer protests, activists and newspaper enthusiasts was tantamount to “severe misuse” of its product.

If Pegasus is used successfully against a user, it can hack any phone, intercept messages and emails, view a user’s photos and location, and turn the mobile into a remote listening device, allowing the NSO client to hear the conversation happening nearby. Phone.

The NSO said it was investigating serious allegations of abuse and did not know how its government clients were using its spyware. It claims that Pegasus is used only against serious criminals and terrorists.

Apple did not immediately respond to a request for comment.

The FLD and Citizen Lab report named three Jordanians hacked using the Pegasus, including human rights activist Ahmed al-Naimat, who is currently in prison on charges related to the protests at al-Salt Government Hospital. Oxygen is said to have killed many Govit-19 patients.

Researchers have found that Malik Abu Orabi, a human rights lawyer representing al-Naimat and other activists, was hacked at least 21 times between August 2019 and July 2021. The third target, Zuhair Zarath, is a human rights activist and women – centered journalist. Issues in the media. Researchers have found that text messages and WhatsApp messages with links to Pegasus spyware were sent to Jared. The WhatsApp news impersonated a popular anti-government Twitter user in Jordan, researchers said.

The researchers’ findings were reviewed and confirmed by Amnesty International’s security laboratory.

There have been recent reports that the NSO has been locked up with managers of the Berkeley Research Group, a consulting firm that took over the management of NSO-owned funds last year. BRG sued the previous owners of the fund in London and demanded new details about its abusive relationship with the NSO.

A witness statement filed by Finbarr O’Connor, managing director of the BRG in New York, accused the NSO management of “almost non-cooperation” since it began managing funds owned by the Israeli company. O’Connor said the BRG was “not yet informed enough” to understand the NSO’s “historic actions” and that the Biden administration had placed the NSO on the Commerce Department’s block list.

The NSO did not respond to questions about BRG’s claims. The investigation into Forbidden Stories’ NSO, a journalistic collaboration involving the Guardian, raises questions about the corporate oversight of the company’s managers following the release of the Pegasus project last year. The Pegasus program reports dozens of cases of individuals being hacked or targeted by NSO government clients, including journalists, activists and government officials.

In O’Connor’s testimony, the BRG executive said that the NSO had made efforts to identify US – based investors in early 2021, but that he understood that the effort had been halted as a result of the Pegasus project. Negatively affected investor interest.

The NSO did not respond to a request for comment.

The company is facing a separate lawsuit in France through French-Palestinian human rights defender Salah Hammouri, who, along with the International Federation of Human Rights and the Human Rights League, is suing the NSO for violating privacy rights in France.

During the FLD’s investigation released in November, the mobile phones of Hammory, whose Jerusalem residency was revoked, and five Palestinian human rights defenders were hacked using NSO’s signature spyware, Pegasus. FLD’s findings were confirmed independently by Citizen Lab and Amnesty International’s security laboratory technicians “with high confidence”, leading the world in such hacks.

At the time, an NSO spokesman said it could not confirm or deny the identities of government customers, but said it was not operating on the products and was “not confidential to the details of the individuals being monitored”.

Leave a Comment