Governments of at least ten countries are accused of using Israeli software to hack cell phones and illegally collect sensitive information about journalists, human rights activists, clerics, lawyers and academics, among others.
The conclusions of the investigation began to be published on Sunday (18) by 17 media outlets from different countries, such as the British The Guardian, the American The Washington Post, the French Le Monde, the German Die Zeit and the Israeli Haaretz.
Initial reports suggest that a leaked list of more than 50,000 phone numbers indicates widespread and continued abuse of the Pegasus software, developed by the Israeli company NSO Group. The company has been under investigation by the FBI, the US Federal Police, at least since 2017, for suspected data theft.
Pegasus is malware – a program created to infect computers or other devices – capable of accessing smartphones without the device user necessarily having to click malicious links or behave carelessly on them. Internet.
Thus, the Pegasus operator can extract sensitive content, such as messages – even encrypted -, photos and e-mails, in addition to remotely and secretly triggering cameras and microphones.
The program was at the center of a crisis between the Brazilian army and Carlos Bolsonaro (Republicanos-RJ). According to a report published by UOL, in May, the son of President Jair Bolsonaro (no party) tried to articulate the takeover of Pegasus without organs with the prerogative to use tools of this type, like the GSI (Institutional Security Office) and the Abin (Brazilian Intelligence Agency), were involved in the negotiation – which goes beyond the limits of Carlos, who is a city councilor in Rio de Janeiro.
The 50,000 contacts on the leaked list belong to people identified as targets of interest by NSO clients since 2016. Forbidden Stories, a Paris-based nonprofit media organization, and Amnesty International have gained access to thousands of numbers by phone and shared its content with the 17 press vehicles.
Working together has identified most of the names on the list, which includes at least 180 journalists from vehicles such as the Financial Times, CNN, The New York Times, The Associated Press and Reuters.
There are also hundreds of executives, religious figures, NGO officials, labor leaders and government officials, including chiefs of staff, prime ministers and presidents. The identities of those whose names are on the leaked list are expected to be gradually disclosed over the next few days, according to the Guardian.
The leak does not allow to say exactly who are the customers of the ONS, but the survey shows that the participation of the governments of at least ten countries: Saudi Arabia, Azerbaijan, Bahrain, Kazakhstan, United Arab Emirates, Hungary, India , Morocco, Mexico and Rwanda.
Analysis of the data indicates that Mexico is the country with the most phones on the list, around 15,000. The survey further suggests that the government of Hungarian Prime Minister Viktor Orbán may have used the tools of ONS in the offensive against investigative journalists in the country and leaders of independent media.
In addition, there are indications that Saudi and UAE authorities have targeted people close to Jamal Khashoggi, a Saudi Washington Post journalist who was assassinated in 2018, just months after his death.
It is not possible to say that the 50,000 phones on the list were in fact hacked by Pegasus, but forensic analysis of a small sample of devices (67) indicates that more than half (37 ) had traces of the malware, according to the British. newspaper.
The NSO says it does not operate the systems it sells to governments and therefore does not have access to data on the targets of these customers.
In a note released in response to the press consortium’s inquiries, the company called the allegations about the use of its tools false, but said it would investigate the abuse allegations and take appropriate action. The ONS further said it was not possible to describe the leaked contact list as a set of numbers “targeted by governments using Pegasus” and described the number of phones – 50,000 – as “exaggerated” .
Last month, the Israeli group released a transparency report containing extracts from contracts signed with clients. The text states that ONS tools should be used exclusively in criminal and national security investigations – a concept often invoked by authoritarian leaders to justify the crackdown on opponents and dissidents.
In fact, according to the vehicle consortium, there are phone numbers among the 50,000 contacts that belong to people under investigation in criminal cases, but the large number of names that have no connection criminal suggests that at least some of the ONS clients are breaking the terms of the contract to use tools like Pegasus.