An unprecedented leak of more than 50,000 phone numbers selected for surveillance by the customers of the israeli company NSO Group shows how this technology has been systematically abused for years. The Forbidden Stories consortium and Amnesty International had access to records of phone numbers selected by NSO clients in more than 50 countries since 2016.
NSO Group asserts that the product it sells to government clients – most commonly referred to as Pegasus – is intended to “collect data from the mobile devices of specific individuals, suspected to be involved in serious crime and terror.” Pegasus has extensive capabilities: the spyware can be installed remotely on a smartphone without requiring any action from its owner. Once installed, it allows clients to take complete control of the device, including accessing messages from encrypted messaging apps like WhatsApp and Signal, and turning on the microphone and camera.
The Forbidden Stories consortium discovered that, contrary to what NSO Group has claimed for many years, including in a recent transparency report, this spyware has been widely misused. The leaked data showed that at least 180 journalists have been selected as targets in countries like India, Mexico, Hungary, Morocco and France, among others. Potential targets also include human rights defenders, academics, businesspeople, lawyers, doctors, union leaders, diplomats, politicians and several heads of states. ...
The Pegasus Project media partners:
The Guardian, Le Monde, The Washington Post, Süddeutsche Zeitung, Die Zeit, Aristegui Noticias, Radio France, Proceso, OCCRP, Knack, Le Soir, Haaretz/TheMarker, The Wire, Daraj, Direkt36, PBS Frontline.
With the technical support of Amnesty International’s Security Lab.