A media consortium has uncovered a list of several thousand phone numbers infected with Pegasus spyware. Developed by the Israeli company NSO Group, this program was sold to States to monitor political opponents and journalists (including French).
We remember the Snowden affair which revealed the mass surveillance carried out by the NSA. Several media (including Le Monde and France Info) and the Forbidden Stories association have just lifted the veil on the Pegasus program. This is the name of a smartphone spy software developed by the Israeli NSO Group. The clients of the latter are States or government authorities in order to fight against terrorism and organized crime.
But it is for another use that the media pool accuses NSO Group. Indeed, he discovered a list of 50,000 telephone numbers spied on by Pegasus. Among these numbers, no terrorists, but journalists in particular French (Eric Zemmour or Edwy Plenel) and opponents monitored by States such as Morocco, Bahrain, Saudi Arabia, India, Mexico but also Hungary or l ‘Azerbaijan. Some journalists on this list have been arrested, threatened, even murdered.
Pegasus an ace of zero day faults
In their investigation, the media consortium and Forbidden Stories relied on the work of Amnesty International’s Security Lab. The latter analyzed several terminals of targeted journalists and confirmed the presence of the Pegasus spyware. To learn more about this spyware, just look at the analysis conducted by Lookout in August 2016 which reads, “Pegasus is very advanced in its use of zero-day, code modification and encryption vulnerabilities. It uses sophisticated functions to bypass the security of operating systems and apps like Gmail, Facebook, WhatsApp, Facetime, Viber, WeChat, Telegram, Apple’s inbuilt messaging and email solutions etc. »
The objective for the spyware is multiple “to steal the victim’s contact list, the victim’s GPS location, as well as the personal, WiFi and router passwords stored on the terminal”. It can even go to surveillance by activating the microphone or the camera of smartphones. An interesting panoply for certain States, because the specificity of this spyware lies in its modularity, continues the report. It adapts to government demand and targets.
Complaints against NSO Group
But sometimes NSO Group gets caught red-handed. Thus in October 2019, Google warned of the active exploitation of a zero-day flaw on Android by the Israeli firm and had consequently shortened the time limit for disclosing the vulnerability. Also in the fall of 2019, WhatsApp filed a complaint against NSO Group following the discovery of a flaw in the instant messaging service used to spy on human rights defenders. The subsidiary of Facebook had in this context received the support of several companies such as Google, Microsoft, VMware, Cisco or GitHub. Through an amicus curiae, they had indicated “cybersurveillance tools like Pegasus NSO are powerful and dangerous. Such tools rely on vulnerabilities in the code that allow a person to gain access to another person’s device, a network or a system. If these tools are misused, the results can be disastrous.” As part of the case raised by Forbidden Stories, several targeted journalists have decided to file a complaint in turn against NSO Group. This is the case of Edwy Plenel and Lénaïg Bredoux of Mediapart, Dominque Simmonot, former journalist of Le Canard Enchaîné and current comptroller general of places of deprivation of liberty, asked his lawyer to do the same.
For its part, NSO Group issued a press release to denounce “erroneous assumptions and unsubstantiated theories, which raise serious doubts about the reliability and interest of the sources”. The firm plans to file a complaint for defamation and recalls that it “sells its technologies only to police services and intelligence agencies of controlled governments for the sole purpose of saving lives by preventing crime and terrorist acts”. For the record, NSO Group was created in 2009 by Niv Carmi, Shalev Hulio and Omri Lavie (hence the acronym NSO) and was acquired in 2014 by the Francisco Partners fund for an estimated amount of between $120 and $130 million.
