Spyware leak suggests lawyers and activists at risk across globe
A leak of phone data suggests human rights lawyers, activists and dissidents across the globe were selected as possible candidates for invasive surveillance through their phones.
Their mobile phone numbers appeared in leaked records, indicating they were selected prior to possible surveillance targeting by governmental clients of the Israeli company NSO Group, which developed the Pegasus spyware.
The records were obtained by the nonprofit organisation Forbidden Stories and shared with a consortium of media outlets including the Guardian.
The data leak is a list of more than 50,000 phone numbers that, since 2016, are believed to have been selected as those of people of interest by government clients of NSO Group, which sells surveillance software. The data also contains the time and date that numbers were selected, or entered on to a system. Forbidden Stories, a Paris-based nonprofit journalism organisation, and Amnesty International initially had access to the list and shared access with 16 media organisations including the Guardian. More than 80 journalists have worked together over several months as part of the Pegasus project. Amnesty’s Security Lab, a technical partner on the project, did the forensic analyses.
The consortium believes the data indicates the potential targets NSO’s government clients identified in advance of possible surveillance. While the data is an indication of intent, the presence of a number in the data does not reveal whether there was an attempt to infect the phone with spyware such as Pegasus, the company’s signature surveillance tool, or whether any attempt succeeded. The presence in the data of a very small number of landlines and US numbers, which NSO says are “technically impossible” to access with its tools, reveals some targets were selected by NSO clients even though they could not be infected with Pegasus. However, forensic examinations of a small sample of mobile phones with numbers on the list found tight correlations between the time and date of a number in the data and the start of Pegasus activity – in some cases as little as a few seconds.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25417952/transformers_megatron.jpg){kind=spacer}
