Posts Tagged ‘phone hacking’

Palestinian NGOs dubbed terrorist were hacked with Pegasus spyware

November 10, 2021

Investigation by Front Line Defenders finds NGO employees’ phones were infiltrated months before Israel designated them as ‘terrorist organisations’

Phones of Palestinians working for human rights organisations recently designated by Israel as “terrorist organisations” [see: https://humanrightsdefenders.blog/2021/10/23/assault-by-israel-on-palestinian-human-rights-ngos/] were hacked using the Israeli-made spyware at the heart of a global surveillance scandal. [see: https://humanrightsdefenders.blog/2021/07/21/nsos-pegasus-spyware-now-really-in-the-firing-line/]

Dublin-based Front Line Defenders (FDL) examined 75 phones belonging to Palestinian human rights workers and detected that six were infected with Pegasus spyware between July 2020 and April 202. Four out of the six phones belong to staff members at NGOs that were blacklisted last month for alleged ties to a group labelled by some states as a “terrorist organisation”, a move that has sparked international condemnation.

Those alleged to have been hacked include US citizen Ubai al-Aboudi, who heads the Bisan Center for Research and Development, and French national Salah Hammouri, a researcher at Addameer. 

At a press conference in Ramallah on Monday, representatives of the six organisations called for the international community to take action. “We call on the United Nations to launch an investigation to disclose the party that stood behind using this programme on the phones of human rights activists, a move that put their lives at risk,” Tahseen Elayyan, a legal researcher with Al-Haq, told Reuters.

FDL’s findings, which were reviewed and confirmed by Citizen Lab and Amnesty International Security Lab, will raise further concerns about Pegasus, the controversial spyware alleged to have been used to hack heads of state, journalists and activists in a series of explosive stories published this summer.

NSO Group, the Israeli-based tech firm behind Pegasus, only licences the product to sovereign states or the law enforcement or intelligence agencies of those states.

Haaretz reported on Monday that the export licence issued by the Israeli defence ministry to NSO Group only permits Israeli security services to monitor Israeli phone numbers.

An FDL spokesperson told Middle East Eye on Monday that the organisation does not know which state was behind the hacking it uncovered, but believes that the timeline of events over the past month may be critical in answering that question.

On 16 October, three days before the organisations were designated, Al-Haq approached FDL, suspecting that a staff member’s phone had been hacked. The same day, an FDL investigator found initial traces of Pegasus on the phone.

The following day, on 17 October, FDL said it held a meeting with all six organisations to inform them of the initial findings and see if others would want their phones investigated. NSO Group: US blacklists Israeli firms for harming ‘national security interests’.

On 18 October, Israel’s interior ministry notified Hammouri of its decision to revoke his permanent residency in Jerusalem and deport him on the basis of his alleged “breach of allegiance to the State of Israel”.

Then on 19 October, Israeli Defence Minister Benny Gantz designated all six organisations which had gathered with FDL as “terrorist organisations.”

At this point, the organisations were reportedly only considered “terrorist” groups in Israel. But on 3 November – just ahead of the release of FDL’s findings –  Israel’s commander-in-chief of the Central Command issued an order to outlaw the organisations in the West Bank.

“It seems to us that [Israeli officials] were slow to react to what was transpiring and they were unprepared,” FDL spokesperson Adam Shapiro told MEE. “It suggests we caught them doing something they didn’t want us to.”

However, Shapiro emphasised that FDL could not say definitively what state was behind the hacking, a comment echoed by Addameer’s director, Sahar Francis.

“We don’t have evidence. We can’t accuse a certain party since we don’t have yet enough information about who carried out that action,” she told Reuters, calling on the UN to launch an investigation.

Israeli officials have not made a public statement yet about FDL’s findings. NSO Group told Reuters the company “does not operate the products itself … and we are not privy to the details of individuals monitored”.

The US government last week blacklisted the NSO Group and a second Israeli spyware firm, Candiru, saying their activities are contrary to US foreign policy and national security interests.

https://www.middleeasteye.net/news/israel-spyware-pegasus-used-hack-palestinian-rights-activists-phones

https://www.theguardian.com/world/2021/nov/08/hacking-activists-latest-long-line-cyber-attacks-palestinians-nso-group-pegasus-spyware

https://www.occrp.org/en/daily/15450-experts-pegasus-spyware-found-in-phones-of-palestinian-activists

https://www.timesofisrael.com/report-palestinian-activists-phones-hacked-with-controversial-nso-group-tech/

Tech giants join legal battle against NSO

December 22, 2020

Raphael Satter reports on 22 December 2020 for Reuters that tech giants Google, Cisco and Dell on Monday joined Facebook’s legal battle against hacking company NSO, filing an amicus brief in federal court that warned that the Israeli firm’s tools were “powerful, and dangerous.”

The brief, filed before the U.S. Court of Appeals for the Ninth Circuit, opens up a new front in Facebook’s lawsuit against NSO, which it filed last year after it was revealed that the cyber surveillance firm had exploited a bug in Facebook-owned instant messaging program WhatsApp to help surveil more than 1,400 people worldwide. See also: https://humanrightsdefenders.blog/2020/07/20/the-ups-and-downs-in-sueing-the-nso-group/

NSO has argued that, because it sells digital break-in tools to police and spy agencies, it should benefit from “sovereign immunity” – a legal doctrine that generally insulates foreign governments from lawsuits. NSO lost that argument in the Northern District of California in July and has since appealed to the Ninth Circuit to have the ruling overturned.

Microsoft, Alphabet-owned Google, Cisco, Dell Technologies-owned VMWare and the Washington-based Internet Association joined forces with Facebook to argue against that, saying that awarding soverign immunity to NSO would lead to a proliferation of hacking technology and “more foreign governments with powerful and dangerous cyber surveillance tools.”

That in turn “means dramatically more opportunities for those tools to fall into the wrong hands and be used nefariously,” the brief argues.

NSO – which did not immediately return a message seeking comment – argues that its products are used to fight crime. But human rights defenders and technologists at places such as Toronto-based Citizen Lab and London-based Amnesty International have documented cases in which NSO technology has been used to target reporters, lawyers and even nutrionists lobbying for soda taxes.

Citizen Lab published a report on Sunday alleging that NSO’s phone-hacking technology had been deployed to hack three dozen phones belonging to journalists, producers, anchors, and executives at Qatar-based broadcaster Al Jazeera as well as a device beloning to a reporter at London-based Al Araby TV.

NSO’s spyware was also been linked to the slaying of Washington Post journalist Jamal Khashoggi, who was murdered and dismembered in the Saudi consulate in Istanbul in 2018. Khashoggi’s friend, dissident video blogger Omar Abdulaziz, has long argued that it was the Saudi government’s ability to see their WhatsApp messages that led to his death.

NSO has denied hacking Khashoggi, but has so far declined to comment on whether its technology was used to spy on others in his circle.

https://www.reuters.com/article/us-facebook-nso-cyber/microsoft-google-cisco-dell-join-legal-battle-against-hacking-company-nso-idUSKBN28V2WX?il=0