Researchers map all known victims of NSO Group’s spyware Pegasus

San Francisco: A team of researchers has for the first time mapped all the known targets — celebrities, journalists and human rights activists — whose devices were hacked globally via Pegasus, a spyware developed by Israeli company NSO Group.

By mapping the data, the researchers from Forensic Architecture, an academic unit at Goldsmiths, University of London showed how nation-states also target other victims in their networks, reports TechCrunch.

The researchers “scoured dozens of reports from human rights groups, carried out open-source research and interviewed dozens of the victims themselves to reveal over a thousand data points, including device infections, which show relations and patterns between digital surveillance carried out by NSO’s government customers, and the real-world intimidation, harassment and violence that the victims are also subject to”.

The new findings reveal “the extent to which the digital domain we inhabit has become the new frontier of human rights violations, a site of state surveillance and intimidation that enables physical violations in real space,” said Shourideh Molavi, researcher-in-charge at Forensic Architecture.

The NSO Group is better known for ‘Pegasus’ — a malware sold to governments to enable the remote infection and surveillance of private smartphones.

NSO is currently embroiled in a legal battle with Facebook, which in 2019 accused that the Israeli spyware maker used Pegasus in WhatsApp to infect some 1,400 people, mostly celebrities, journalists and human rights activists, including from India.

Facebook has submitted detailed proof in the court about the Israeli company allegedly hacking into at least 1,400 WhatsApp users via its controversial surveillance software.

The new platform presents visual timelines of how victims are targeted by both spyware and physical violence as part of government campaigns to target their most outspoken critics.

Omar Abdulaziz, a Saudi video blogger and activist living in exile in Montreal, had his phone hacked in 2018 by the Pegasus malware.

Mexican journalist Carmen Aristegui is another known victim, whose phone was hacked several times over 2015 and 2016 by a government customer of Pegasus, likely Mexico, the report said on Saturday.

“A phenomenal damage is caused to journalistic responsibility when the state — or whoever — uses these systems of ‘digital violence’,” Aristegui was quoted as saying.

According to Eyal Weizman, director of Forensic Architecture, NSO Group’s Pegasus spyware needs to be thought of and treated as a weapon developed, like other products of Israel’s military industrial complex.

“It is disheartening to see it exported to enable human rights violations worldwide,” Weizman added.

In a statement, NSO Group said it cannot comment on research it has not seen.

Researchers from Canada-based Citizen Lab last year revealed that the Pegasus spyware compromised iPhones of dozens of journalists.

In July and August, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera.

The personal phone of a journalist at London-based Al Araby TV was also hacked.

The NSO Group sells Pegasus to governments, which could be installed on a device simply by calling the device via WhatsApp and the device’s owner did not even have to answer.