At least 14 current and former heads of state have been identified among the tens of thousands of people believed to have been targeted for possible surveillance by clients of private Israeli firm NGO Group, according to a collaborative investigation published Tuesday by The Washington Post.
In a bombshell report published over the weekend, French journalism nonprofit Forbidden stories and human rights group Amnesty International said they were leaked a list of more than 50,000 phone numbers that included at least some people targeted by NGO’s signature Pegasus spyware.
The Washington Post, along with “partner news organizations” in 10 countries, parsed through the list and identified—through public records, journalists’ contact books and questions to government officials—hundreds of public officials selected for possible surveillance by countries ranging from the United Arab Emirates to Morocco.
Among them were numerous sitting heads of state, including the presidents of France, Iraq and South Africa, as well as the prime ministers of Pakistan, Egypt and Morocco.
French President Emmanuel Macron, for example, appears to have been selected for potential surveillance on behalf of Morocco in 2019, though NSA Group has since denied Macron was ever targeted.
Also on the list are seven former prime ministers, who were apparently selected while as potential surveillance targets still in office, and the King of Morocco, Mohammed VI.
These world leaders being on the list does not mean they were targeted or successfully hacked. The Washington Post stressed that none of the individuals named provided the publications with their devices, meaning they were not able to conduct forensic tests to assess the presence of the Pegasus spyware. However, Forbidden Stories and Amnesty International found in their investigation published over the weekend that—at least in some cases—the military-grade spyware leased by LSO Group to governments for tracking terrorists and criminals was being used to hack smartphones belonging to journalists, activists and more. Amnesty’s Security Lab forensically tested 67 smartphones affiliated with numbers on the list and found 37 had either successfully been penetrated by Pegasus, or showed signs of attempted penetration.
In a statement released after the release of the initial report, NSO said the leaked list “is not a list of targets or potential targets of NSO’s customers.” Through its lawyers, the company has accused the publications that broke the news of the list of making “incorrect assumptions” about its purpose.
NGO Founder and Chief Executive Shalev Hulio similarly disputed the “relevance” of the leaked data to his company after the leak. However, he said he was “very concerned” about the reports and vowed to investigate all the claims. “We understand that in some circumstances our customers might misuse the system,” he said.
“Private Israeli spyware used to hack cellphones of journalists, activists worldwide” (The Washington Post)
“Apple Has ‘Major’ iMessage Security Problems, Says Pegasus Spyware Expert” (Forbes)
First published on: Forbes