Amnesty International says Israeli spyware used against employee
Jack Guez (AFP)
Amnesty International announced on Wednesday that one of their employees was targeted by the spyware platform Pegasus, a surveillance software originating from the Israeli company NSO, the London-based human rights group said.
NSO has been implicated in a number of incidents involving secretly installed surveillance software including an attempt to hack prominent activist Ahmed Mansoor’s mobile phone which prompted Apple to update its iPhone software to eliminate security flaws that allowed the spyware through.
The employee received a “suspicious” message in early June inviting them to a protest outside of the Saudi embassy in Washington including a clickable link.
“The message, delivered through the WhatsApp messenger, carried a malicious link which Amnesty International believes belongs to infrastructure connected with the NSO Group and previously documented attacks,” according to the statement.
NSO responded by stating that their Pegasus software “is intended to be used exclusively for the investigation and prevention of crime and terrorism” and any violations of this policy will be investigated and addressed.
Amnesty claims the use of such surveillance technologies against human rights groups is “extraordinarily invasive” and highly “problematic” according to international standards and humanitarian law.
The Amnesty statement quotes the international Human Rights Defenders Declaration as saying, “Everyone has the right, individually and in association with others, to promote and strive for the protection and realization of human rights and fundamental freedoms at the national and international levels.”
In 2015, Hacking Team, an Italian spyware firm that competes with NSO, leaked a document detailing Pegasus’ product description.
The leak revealed that Pegasus disguises the final destination of its servers behind a system of “anomymized nodes,” so that when a device-user clicks on a link sent via Enhanced Social Engineering Message and the Pegasus Anonymizing Transmission Network, there is no trace of newly installed software.
The Pegasus software was created to permit remote control of a cell phone via a Trojan horse email link. Once Pegasus infects a phone, it allows audio surveillance; real-time observation of the screen; downloading of all its data; and control of the battery.
“Because the links sent to targets are not legitimate web pages, but anonymizing nodes routing to an exploitation server, they demonstrate rather unique behavior that we can synthesize to form a ‘fingerprint,’” Amnesty said offering evidence of the message’s connection to NSO.
Based on past reports from Canadian watchdog group Citizen Lab and technology identifying the Pegasus digital fingerprint, Amnesty claimed that NSO’s highly developed surveillance technology is being used against human rights organizations and activists.
Citizen Lab confirmed their analysis and issued their own report Wednesday detailing their investigation into NSO Group’s spyware infrastructure. Based on two years of tracking the Pegasus system, Citizen Lab corroborated Amnesty’s report showing a pattern of domain names attributed to NSO.
NSO has previously been criticized for selling their technologies to non-state actors, though the their official customer base is no less threatening to global human rights.
Previous reports have said that the Pegasus software was sold to rulers with dubious human rights records in countries including Panama, Mexico, Turkey, Mozambique, Kenya, and Nigeria.
You need to be logged in in order to post comments. Sign up or log in