Israeli-made spyware designed to target criminals has been used by governments to spy on dissenting voices, journalists and human rights activists.
A list of around 50,000 phone numbers revealing those believed to be of interest to authoritarian leaders was released as part of the ‘Pegasus Project’.
The project is an investigation by 80 journalists at 17 media organisations organised by Paris-based media non-profit, Forbidden Stories.
Pegasus software can record calls, copy messages and secretly film users, and has been used to target heads of 180 major media organisations.
Additionally, the software has supposedly been used to tap close associates of the Washington Post journalist Jamal Khashoggi in the months after his death.
The released list showed that more than 600 politicians and government officials have been targeted, spanning more than 50 countries.
NSO Group, the Israeli-based firm responsible for Pegasus, says that its product has only ever been used by the military, law enforcement and intelligence agencies from “vetted governments”, and denies any wrongdoing.
In a statement on its website, NSO said the report by Forbidden Stories was “full of wrong assumptions and uncorroborated theories” that raise “serious doubts about the reliability and interests” of the sources.
“It seems like the ‘unidentified sources’ have supplied information that has no factual basis and are far from reality,” the statement reads.
NSO has also stated that says there were potentially other purposes for numbers being recorded on the list, and it does not mean there was an attempt to infect the phone.
Pegasus spyware targets and infects iPhones and Android devices. The spyware is capable of monitoring devices for 24 hours a day and enables operators to secretly activate microphones, film through phone cameras and track locations, according to the investigation.
The investigation revealed that Pegasus was used to access 37 smartphones belonging to journalists, government officials and human rights activists around the world.
According to Agnès Callamard, Secretary-General of Amnesty International, the Pegasus Project “lays bare” how NSO’s spyware is a “weapon of choice” for authoritarian governments looking to silence voices of dissent and attack activists.
“The Pegasus Project revelations must act as a catalyst for change. The surveillance industry must no longer be afforded a laissez-faire approach from governments with a vested interest in using this technology to commit human rights violations,” Callamard said.
- Brand Phishing Attacks | How to spot them and stay safe online
- LinkedIn hacking campaign illustrates rise in zero-day exploits
- Researchers uncover spyware app targeting iPhones
Analysis of the numbers by the Guardian revealed that at least 11 governments have taken advantage of the Pegasus spyware, including Azerbaijan, Hungary, Mexico, Suadi Arabia, India and the United Arab Emirates.
However, data suggested that the country with the most numbers run through the spyware was Mexico, with more than 15,000, where multiple government ages were using Pegasus.
Amnesty International has now released the full technical details of its forensic investigations as part of the Pegasus Project, which has been researching the evolution of Pegasus spyware attacks since 2018.
Commenting on the project, Callamard added: “Clearly, their actions pose larger questions about the wholesale lack of regulation that has created a wild west of rampant abusive targeting of activists and journalists.
“Until this company and the industry as a whole can show it is capable of respecting human rights, there must be an immediate moratorium on the export, sale, transfer and use of surveillance technology.”