Victim’s iPhone hacked by Pegasus spyware weeks after Apple filed lawsuit against NSO | monitoring

New evidence revealed that a government user of NSO Group’s Pegasus spyware successfully hacked an iPhone in December, weeks after the tech giant sued the Israeli company in a US court asking it to stop it from “harming individuals” using Apple products.

A report published Tuesday by security researchers in Front Line Defenders (FLD) and Citizen Lab at the University of Toronto revealed that the phones of four Jordanian human rights defenders, lawyers and journalists have been hacked by government agents of NSO – who appear to be Jordanians. Government agencies – from August 2019 to December 2021.

The news appears to show that Apple users are still subject to monitoring by clients of the NSO government, even after the company filed a lawsuit against NSO last November. At the time, Apple said it had sued NSO and its parent company to “hold them accountable” for “monitoring and targeting Apple users”. This followed the identification of a vulnerability by Citizen Lab at the University of Toronto that allowed NSO users to infect iPhones with the company’s Pegasus spyware through a vulnerability in its iMessage functionality. Apple said at the time that the vulnerability had been patched.

“The fact that the targeting we found happened after widespread publicity around Apple’s lawsuit and victim notifications is especially remarkable; a company that really respects those concerns has at least temporarily halted operations for government clients, such as Jordan, who have A track record of human rights concerns.

Jordan’s National Center for Cyber ​​Security “categorically denied” the report’s findings. The Associated Press said, “These allegations are baseless, and Jordan has not cooperated with any agents with the aim of spying on citizens’ phones or censoring their calls.”

An NSO spokesperson would not comment on the findings, but said the monitoring of dissidents, activists and journalists by any client amounted to “severe misuse” of its product.

Once Pegasus is successfully deployed against a user, it can hack any phone, intercept messages and emails, view the user’s photos and location, and turn the mobile phone into a remote listening device, allowing an NSO client to listen in on the conversation taking place in close proximity to the phone.

NSO said it was investigating serious allegations of abuse and did not know how its spyware was used by government agents. She said that Pegasus should only be used against dangerous criminals and terrorists.

Apple did not immediately respond to a request for comment.

The FLD and Citizen Lab report mentioned three Jordanians who said their phones had been hacked using Pegasus, among them a human rights defender named Ahmed Al-Nuaimat, who is currently imprisoned in a case related to protests at Salt Governmental Hospital, where there is a shortage. Oxygen is alleged to have killed many Covid-19 patients.

The researchers found that human rights lawyer Malek Abu Orabi, who represents Al-Naimat and other activists, was hacked at least 21 times between August 2019 and July 2021. The third target, Suhair Jaradat, is a human rights defender and journalist focusing on women’s issues. issues in the media. The researchers found that Jaradat received text messages and WhatsApp messages containing links to the Pegasus spyware. Researchers said the WhatsApp message impersonated a well-known anti-government Twitter user in Jordan.

The researchers’ findings were reviewed and confirmed by the Amnesty International Security Lab.

The latest news comes as NSO appears to be locked in a fight with the managers of Berkeley Research Group, the advisory firm that took over the fund that owns NSO last year. BRG has been involved in a lawsuit in London with the fund’s previous owners, claiming new details about its alleged strained relationship with NSO.

A witness statement provided by Finbarr O’Connor, managing director of BRG in New York, alleged that cooperation by NSO management had been “virtually non-existent” since it began managing the fund that owns the Israeli company. O’Connor also said that the BRG “still does not have enough information” to understand the “historic actions” by the NSO that led to the Biden administration’s blacklisting of the NSO’s administration.

NSO did not respond to questions about the BRG allegations. The allegations raise questions about the company’s oversight of company executives following the publication last year of Project Pegasus, an investigation into NSO by Forbidden Stories, a journalistic collaboration that included The Guardian. Project Pegasus has reported dozens of cases of individuals being hacked or targeted by NSO government agents, including journalists, activists, and government officials.

In a statement Witness O’Connor, the BRG CEO said he understood that NSO had made efforts to identify potential investors in the United States in early 2021, but that that effort had been “interrupted as a result of Project Pegasus,” which he said had a “negative impact on investor interest.”

NSO did not respond to a request for comment on this claim.

The company has separately faced a new lawsuit in France by a French-Palestinian human rights defender named Salah Hammouri, who, with the International Federation of Human Rights and the League for Human Rights, is suing NSO for violating privacy rights in France.

An FLD investigation published in November concluded that the mobiles of Hammouri, whose Jerusalem residency has been revoked, and five other Palestinian human rights defenders were hacked using Pegasus, the NSO’s spyware. FLD’s findings were independently confirmed “with high confidence” by technical experts at Citizen Lab and Amnesty International’s security lab, the world’s leading authorities on such hacks.

At the time, a spokesperson for NSO said it could not confirm or deny the identity of government customers but that it did not operate the products itself and was “not privy to the details of the individuals under surveillance.”