Pegasus spyware is believed to have targeted phones of around 50,000 people belonging to hundreds of government officials, opposition politicians, journalists, activists, and business executives, reveals an investigation carried out by 17 major media outlets, including the Guardian and the Washington Post.
All these phone numbers are believed to be clients of Israeli surveillance firm NSO Group, which is also the developer of Pegasus software.
For those unaware, Pegasus is a highly sophisticated surveillance software that can be covertly installed on iPhones and Android phones to enable operators of the tool to extract messages, photos, and emails, record calls, and secretly activate microphones.
The company’s website reads, “NSO Group develops best-in-class technology to help government agencies detect and prevent a wide-range of local and global threats. Our products help government intelligence and law-enforcement agencies use technology to meet the challenges of encryption to prevent and investigate terror and crime.”
According to the company, “NSO licenses Pegasus to sovereign states and state agencies, does not operate Pegasus, has no visibility into its usage, and does not collect information about customers.”
The original investigation was jointly carried out by Paris-based media non-profit Forbidden Stories and human rights group Amnesty International who then shared the access of the leaked list with media partners as part of “Project Pegasus”.
More than 1,000 individuals in 50 countries were found to be selected by NSO clients for potential surveillance, which includes 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists, and several heads of state.
The majority of the phone numbers belonged to ten countries: Azerbaijan, Bahrain, India, Hungary, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, and the United Arab Emirates.
While it is unclear how many devices on the list had actually been targeted, but forensic tests carried out on 37 phones indicated that there had been “attempted and successful” hacks, according to The Washington Post.
NSO Group has disputed the findings of the investigation stating that the reporting includes “uncorroborated theories” based on “misleading interpretation of leaked data from accessible and overt basic information.”
The company said that it is not responsible for its misuse and would continue to investigate all credible claims of misuse and take appropriate action. It also considering a defamation lawsuit, as it says these allegations are outrageous and far from reality.
Keep watching this space for more details as this is a developing story!