Spyware Pegasus found on hacked mobile phones of four human rights defenders

Inclusion of several Jordanian women among targets ‘merits special attention’

Pegasus, which is sold by the Israeli company NSO Group, is sophisticated software that can be placed remotely on a phone without its owner being aware. Photograph: iStock
Pegasus, which is sold by the Israeli company NSO Group, is sophisticated software that can be placed remotely on a phone without its owner being aware. Photograph: iStock

The controversial commercial spyware program Pegasus has been found on hacked mobile phones belonging to four human rights defenders in Jordan, according to a report released today by Dublin-based human rights organisation Front Line Defenders (FLD) and Canadian digital forensics experts Citizen Lab.

The inclusion of several Jordanian women human rights defenders among the targets “merits special attention” as another example of a “disturbing rise in gender-based digital repression,” according to the report.

Women, it states, are “disproportionately vulnerable to online harms, blackmail and digitally-related acts of violence or technology-facilitated gender-based violence, especially in countries where misogyny is pronounced.”

The targeted individuals include Ahmed Al-Neimat, an anti-corruption activist with the group Hirak, Malik Abu Orabi, a human rights lawyer and member of The National Forum for the Defense of Liberties, the activist and award-winning journalist Suhair Jaradat, and a second journalist who chose to remain anonymous due to potential risks. Both journalists are women human rights defenders.

READ SOME MORE

The phone of an additional Jordanian woman, lawyer and human rights defender Hala Ahed Deeb, was found to be infected with Pegasus last year, according to a Front Line Defenders report issued in January.

Software

Pegasus, which is sold by the Israeli company NSO Group, is sophisticated software that can be placed remotely on a phone without its owner being aware.

Once installed, the software gives an attacker access to a phone’s messages, emails, media, passwords, voice calls (including over encrypted messaging apps), location data and contacts.

The hacked device’s microphone and camera may be remotely operated.

“This type of attack has a greater impact on women,” said Mohammed Al-Maskati, digital protection coordinator at Front Line Defenders. “Women are more vulnerable to online harassment, defamation and doxxing.”

A previous FLD report noted that such digital targeting causes women to “live in a perpetual state of fear, become socially isolated and restricted in their social lives, work, and activism.”

FLD and Citizen Lab believe digital forensic evidence offered in the report indicates that two of the NSO clients using Pegasus in these attacks were government agents.

NSO Group was blacklisted in November by the US Commerce Department, which accused the company of selling software used "to maliciously target government officials, journalists, businesspeople, activists, academics and embassy workers."

A major investigation last year by 17 media organisations found that Pegasus spyware has been used to monitor human rights defenders, journalists and politicians.

Sales of Pegasus must be approved by the Israeli government. NSO Group has denied misuse of the software by its vetted clients.

Al-Maskati said “electronic weapons” such as Pegasus are “used by some totalitarian regimes to target their opponents or human rights defenders. Therefore, these deals must be subject to periodic review and accountability, as well as to international review by the international community to ensure that they respect human rights.”

Karlin Lillington

Karlin Lillington

Karlin Lillington, a contributor to The Irish Times, writes about technology