Major human rights group among Pegasus spyware targets
On Wednesday, the New York-based NGO Human Rights Watch (HRW) said that spyware developed by the Israeli hacker-for-hire company NSO Group had been used against its staff.
The human rights group said the notorious hacking software was used to target Lama Fakih, the director of its Beirut office, who also oversees its crisis response in several countries. Fakih’s remit extends to operations in Syria, Myanmar, Israel, the West Bank and Gaza, Ethiopia, Afghanistan, and the United States.
“This includes documenting and exposing human rights abuses and serious international crimes during armed conflicts, humanitarian disasters, and severe social or political unrest,” an HRW statement read.
HRW claimed that this work may have attracted the attentions of governments, including those which are suspected NSO clients.
“It is no accident that governments are using spyware to target activists and journalists, the very people who uncover their abusive practices,” Fakih said. “They seem to believe that by doing so, they can consolidate power, muzzle dissent, and protect their manipulation of facts.”
Fakih received a message from Apple on November 24, saying that state-sponsored attackers may be targeting her personal iPhone.
Amnesty International’s Security Lab peer reviewed the analysis and confirmed that the phone was infected with Pegasus spyware five times between April and August 2021.
The Israeli software grants the hacker the ability to read messages, look through photos, track the person’s location, and even switch on the camera without the knowledge of the phone’s owner.
The NSO spyware came to light in July following an investigation led by Forbidden Stories, a Paris-based media non-profit, in collaboration with Amnesty International and 17 media organizations.
Some 50,000 phones have been illegally accessed using the malware, according to the investigation. Azerbaijan, Bahrain, Hungary, India, Saudi Arabia, and the UAE were among the countries in which potential clients were identified.