Authoritarian governments are using phone spyware made by Israeli surveillance group NSO Group to target journalists, human rights activists, and lawyers around the globe.
An investigation by 17 media organizations and Amnesty International’s Security Lab uncovered a massive data leak, which indicated a widespread abuse of NSO’s commercial hacking spyware, Pegasus, which can be used to infect iPhones and Android devices, allowing attackers to extract messages, emails, and media, and record calls and to secretly activate microphones on the devices.
The leak includes a list of more than 50,000 phone numbers believed to have been identified by clients of NSO as possible people of interest. Forensic tests on some of the phones with numbers on the list indicated that more than half had traces of the spyware.
The developer and vendor of the spyware, NSO, says that its software is designed strictly for use against criminals and terrorists and that it is made available only to law enforcement, military, and intelligence agencies.
NSO does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers’ targets. NSO does not operate its technology, does not collect, nor possesses, nor has any access to any kind of data of its customers. Due to contractual and national security considerations, NSO cannot confirm or deny the identity of our government customers, as well as identity of customers of which we have shut down systems.
An earlier version of the spyware required depended on the phone user clicking on a malicious link sent to them in a text or email. Unfortunately, the most recent version of the spyware doesn’t require a click or a tap from the user and can exploit “zero-click” vulnerabilities to infect the device.
(1) @AmnestyTech saw an iOS 14.6 device hacked with a zero-click iMessage exploit to install Pegasus. We at @citizenlab also saw 14.6 device hacked with a zero-click iMessage exploit to install Pegasus. All this indicates that NSO Group can break into the latest iPhones.
— Bill Marczak (@billmarczak) July 18, 2021
Amnesty’s Security Lab and Citizen Lab found that an iPhone running iOS 14.6 could be hacked with a zero-click iMessage exploit to install Pegasus, indicating that iPhones running what is at the time of this article, the most recent version of iOS. (iOS 14.7 is on its way, as soon as this week.)
Disclosures, which began on Sunday, have already revealed that the numbers of more than 180 journalists are already known to be among the data.