The discovery is worrisome. Yesterday, Forbidden Stories media revealed the biggest government spy network since the Snowden case. In total, more than 50,000 phone numbers are compromised and those are from single spyware. If this kind of practice is unfortunately common, it is a completely different stage of gravity that is reached in this case, and for two reasons.
The first, as stated above, is because it was perpetrated by different governments around the world. The second is that, unlike the NSA scandal, spyware specifically targeted a specific population: the journalists. The entire concept of press freedom is therefore challenged in several countries. Here is everything we know at the moment.
It all goes back to an Israeli company called the NSO. The latter developed the Pegasus program, capable of collecting personal information on its victim’s phone. Several governments use it. At least 10 are currently known: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, and the United Arab Emirates. Some are more active than others. Mexico, for example, has 15,000 infected phones, while Algeria and the UAE have 10,000.
“The Pegasus Project makes it clear that NSO spyware is the weapon of choice for repressive governments seeking to silence journalists, attack activists, and crush dissidents, putting countless lives at risk”, said Agnes Callamard, Secretary-General of Amnesty International. “Although the company claims that its spyware is only used in legitimate criminal and terrorist investigations, it is clear that its technology facilitates systemic abuse.”.
Pegasus is a RAT, a Trojan that can be activated remotely. In other words, it works from a zero-click attack, which makes it particularly dangerous. It doesn’t require any victim interaction to install itself on the device. Even worse, it works on all types of smartphones: the latest iOS and Android security updates are powerless against it. Pegasus exploits a zero-day flaw to break into the device and remain invisible to the user.
Most of the time, it goes through apps like WhatsApp and iMessage. The latter is particularly formidable, as it is installed by default on every iPhone. But it is also possible to install it through a remote transmitter. In some cases, he infiltrated thanks to an agent who had access to his target’s smartphone. Once this is done, Pegasus retrieves all confidential information: SMS, contacts, emails, browser history, social media activity, and of course passwords.
Of the 50,000 numbers involved in the case, Forbidden Stories managed to identify more than a thousand. Among the last ones, we find mainly journalists from around fifty countries. They are not the only ones beyond that. Pegasus was also found on smartphones by activists, lawyers, and even some political figures.
Israeli society quickly responded to the accusations, saying they were false. In a press release, he believes that “The Forbidden Stories report is full of flawed assumptions and unfounded theories that raise serious doubts about the reliability and interests of the sources. It appears that the “unidentified sources” provided information that has no factual basis and is far from reality”.
However, the evidence is there. It is probably not trivial that a government known to watch over its people is particularly interested in a branch that could change the order of things. Especially since this is not the first time the NSO has been involved in a spy case. In 2018, the company was the subject of a complaint following its alleged involvement in the murder of Saudi journalist Jamal Khashoggi. Spyware was found in his phone.