NSO Group says it will investigate governments for 'abuses' of Pegasus

Israeli firm NSO Group says it will investigate governments that used its Pegasus spyware to target 50,000 phones including New York Times reporters as Amazon Web Services shuts down its infrastructure

  • NSO Group CEO Shalev Hulio said the claims were ‘concerning’ and that it was investigating the allegations
  • Amnesty International and a consortium of media outlets published claims on Sunday that foreign governments were using its software to hack phones
  • The software is called Pegasus and NSO says it is intended to fight terrorism 
  • But Amnesty Intl and the media outlets say foreign governments have used it on journalists and private individuals
  • They compiled a list of 50,000 phone numbers that might have been exposed to it
  • The malware can exploit what are known as ‘zero-click’ vulnerabilities in iPhone software meaning the user doesn’t have to open a suspicious link for it to work

Israeli firm NSO Group says it will investigate its foreign government clients for ‘abuses’ of its Pegasus spyware after a damning Amnesty International report revealed on Sunday that it had been used to target some 50,000 phones – including those of journalists, public officials and Arab royals.

NSO Group sells Pegasus to government clients with the purported purpose of investigating terrorism and crime. 

The Amnesty International report, along with another by a consortium of global media outlets, claimed that it was actually being used by governments to spy on journalists, officials, royals and individuals including murdered Saudi Arabian journalist Jamal Khashoggi’s widow.

The journalists targeted included Ben Hubbard, the New York Times’ Beirut Bureau Chief, and Azam Ahmed, the Times’ Mexico Bureau Chief, along with other journalists based in India, the Morocco, Mexico and Azerbaijan.

Others include reporters working for the Associated Press, Bloomberg, The Wall Street Journal and CNN but many have not been named. 189 journalists were targeted. 

NSO released a statement via its US-based lawyer, Clare Locke, to say it had nothing to do with any misuse of Pegasus. 

Its CEO, Shalev Hulio, told The Washington Post: ‘Every allegation about misuse of the system is concerning me. 

The list includes some the 50,000 phone numbers that were exposed to the malware. The malware doesn’t require users to click on it for it to work

NSO Group CEO Shalev Hulio, told The Washington Post : ‘Every allegation about misuse of the system is concerning me’ 

‘It violates the trust that we give customers. We are investigating every allegation … and if we find that it is true, we will take strong action.’  

Amazon Web Services has disabled its network on Tuesday. It’s unclear if that means it can still operate. 

‘When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts.’ 

The Amnesty report says NSO switched to use Amazon’s CloudFront – a CDN – in ‘recent months’. 

Amnesty started investigating the group in 2018 after learning one of its staffers had been targeted. 

It compiled a list of 50,000 phone numbers that were exposed to the malware. It’s unclear if all were compromised or if the numbers are just a list of potential targets.

A spokesman for AP, which had two journalists targeted, told DailyMail.com: ‘We are deeply troubled to learn that two AP journalists, along with journalists from many news organizations, are among those who may have been targeted by Pegasus spyware. We have taken steps to ensure the security of our journalists’ devices and are investigating.’ 

The New York Times said: ‘Azam Ahmed and Ben Hubbard are talented journalists who have done important work uncovering information that governments did not want their citizens to know.

‘Surveilling reporters is designed to intimidate not only those journalists but their sources, which should be of concern to everyone.’  


The journalists targeted included Ben Hubbard, the New York Times’ Beirut Bureau Chief (left) and Azam Ahmed, the Times’ Mexico Bureau Chief (right) along with other journalists based in India, the Morocco, Mexico and Azerbaijan.

Hanan El Atr, the widow of murdered Saudi Arabian journalist Jamal Khashoggi, was also targeted, according to the data

Financial Times editor Roula Khalaf was also among those whose phones were targeted 

In a statement through lawyers Clare Locke, NSO said: ‘NSO does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers’ targets. 

‘NSO does not operate its technology, does not collect, nor possesses, nor has any access to any kind of data of its customers. 

NSO Group claims it is on a ‘life-saving mission’ to combat terrorism

‘Due to contractual and national security considerations, NSO cannot confirm or deny the identity of our government customers, as well as identity of customers of which we have shut down systems.’ 

It also said its software had ‘nothing to do’ with Jamal Khashoggi’s murder, and despite Amnesty International claiming it has proof his widow’s phone was hacked using Pegasus after his death.

‘NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds,’ it said. 

Foreign governments including India, Rwanda and Morocco have all denied using the software to collect data on targets. 

Others targeted include  several Arab royal family members, 65 Business executives, 85 human rights activists, 189 journalists including a ‘small number from’ CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times in London and Al Jazeera in Qatar.

Some of the reporters are named Financial Times editor Roula Khalaf, Siddharth Varadarajan and Paranjoy Guha Thakurta from Indian news site Wire Omar Radi, a Moroccan journalist, Mexican freelance journalist Cecilio Pineda Birto and Azerbaijani investigative journalist Khadija Ismayilova. 

In 2019, NSO Group reportedly contracted the SKDK –  a PR firm run by Anita Dunn, one of President Biden’s advisers. 

She did not immediately respond to DailyMail.com’s inquiries about the scope of her work with the firm.  

Source: Read Full Article