BREAKING: massive, global leak of the targets of NSO Group's Pegasus spyware. *huge deal.*
Forensic investigation by @AmnestyTech
in collaboration with @FbdnStories reporters.
We @citizenlab conducted peer review.
Here's an explainer THREAD.
washingtonpost.com
Forensic investigation by @AmnestyTech
in collaboration with @FbdnStories reporters.
We @citizenlab conducted peer review.
Here's an explainer THREAD.
washingtonpost.com
2. Background: the already-notorious NSO Group makes mercenary spyware to silently & remotely hack iPhones & Androids.
Many of their government customers are authoritarians.
Most cannot resist the temptation to target their critics, reporters, human rights groups etc.
Many of their government customers are authoritarians.
Most cannot resist the temptation to target their critics, reporters, human rights groups etc.
3. More about leaked numbers & targets in a sec, but first you need to know:
@AmnestyTech just released a report with technical analysis of NSO's infrastructure... & analysis validating w/forensics that some phones were infected with Pegasus.
amnesty.org
@AmnestyTech just released a report with technical analysis of NSO's infrastructure... & analysis validating w/forensics that some phones were infected with Pegasus.
amnesty.org
4. We @citizenlab independently peer reviewed @AmnestyTech's forensic methodology, including how they identify an infected phone.
Our review, led by my colleague @billmarczak, judged their forensics & research methodology to be SOUND.
citizenlab.ca
Our review, led by my colleague @billmarczak, judged their forensics & research methodology to be SOUND.
citizenlab.ca
5. Now, to the findings: >50k numbers were leaked that are reportedly part of the infection & targeting workflow with Pegasus.
To help validate the relationship between these numbers & infections @AmnestyTech got consent to forensically examine a subset of the devices.
To help validate the relationship between these numbers & infections @AmnestyTech got consent to forensically examine a subset of the devices.
6. The @FbdnStories consortium worked w/the leaked phone numbers... what they found reveals 10 of NSO Group's customers insatiable intent to snoop.
And the massive scale of the operation.
- Mexico customer > 15,000
- Morocco > 10,000
- UAE > 10,00
Etc.
And the massive scale of the operation.
- Mexico customer > 15,000
- Morocco > 10,000
- UAE > 10,00
Etc.
7. #SaudiArabia 🇸🇦 murdered & dismembered Jamal Khashoggi.
Jamal's wife was targeted with Pegasus spyware before the killing...
Then his fiancee was hacked multiple times just days after.
@citizenlab independently confirmed findings.
#PegasusProject
washingtonpost.com
Jamal's wife was targeted with Pegasus spyware before the killing...
Then his fiancee was hacked multiple times just days after.
@citizenlab independently confirmed findings.
#PegasusProject
washingtonpost.com
8. #HUNGARY 🇭🇺
Ask the government for comment... get hacked.
Hungary's far-right PM Viktor Orbán is using Pegasus spyware to surveil & attack Hungary's independent media, like @direkt36, @panyiszabolcs, and many more.
Story: @shaunwalker7 theguardian.com
Ask the government for comment... get hacked.
Hungary's far-right PM Viktor Orbán is using Pegasus spyware to surveil & attack Hungary's independent media, like @direkt36, @panyiszabolcs, and many more.
Story: @shaunwalker7 theguardian.com
9. #INDIA🇮🇳 Over 40 reporters, major opposition figures, serving ministers in the #Modi government, members of the security services and beyond are in the list.
Story to watch as the scandal unfolds there.
Story @svaradarajan @thewire_in
thewire.in
Story to watch as the scandal unfolds there.
Story @svaradarajan @thewire_in
thewire.in
10. HUNDREDS of journalists around the globe are on the #PegasusProject list.
NSO Group's role in fueling the authoritarian assault on democratic values (like a free press) is coming into sharp focus
theguardian.com
NSO Group's role in fueling the authoritarian assault on democratic values (like a free press) is coming into sharp focus
theguardian.com
11. NSO Group puts up a facade of caring about human rights, doing due diligence, etc.
This leak exposes the farce of that performance.
When your customers are dictators... they will do bad things. NSO knows this. We know it.
Now everybody knows it.
This leak exposes the farce of that performance.
When your customers are dictators... they will do bad things. NSO knows this. We know it.
Now everybody knows it.
12. Continuing with cases.... in #FRANCE 🇫🇷
#PegasusProject list includes @edwyplenel, founder of independent news site @Mediapart, a reporter from @lemondefr, etc..
Story lemonde.fr
#PegasusProject list includes @edwyplenel, founder of independent news site @Mediapart, a reporter from @lemondefr, etc..
Story lemonde.fr
13. in #Mexico 🇲🇽 Journalist Cecilio Pineda Birto was getting death threats for reporting on official collusion with a cartel capo...
...then his number showed up on the #PegasusProject list.
Then he was assassinated.
theguardian.com
...then his number showed up on the #PegasusProject list.
Then he was assassinated.
theguardian.com
14. Bookmark this thread. Things are only getting started.
I'll be updating it with more cases & context as #PegasusProject revelations keep dropping.
I'll be updating it with more cases & context as #PegasusProject revelations keep dropping.
15. REASON TO CARE #1
So, you didn't know today's #PegasusProject hacking victims personally.
But tomorrow? Who knows. You don't.
#NSOGROUP is aggressively pitching *local* cops, including in USA 🇺🇸
Pause. Think about the oversight at your local PD.
vice.com
So, you didn't know today's #PegasusProject hacking victims personally.
But tomorrow? Who knows. You don't.
#NSOGROUP is aggressively pitching *local* cops, including in USA 🇺🇸
Pause. Think about the oversight at your local PD.
vice.com
16. REASON TO CARE #2:
Since all phones are vulnerable, #Pegasus spyware lets its autocrat-users *export fear*
They want want *you* to be afraid to criticize them.
Yes, you. A continent away. In a democracy.
Think about the implications.
Since all phones are vulnerable, #Pegasus spyware lets its autocrat-users *export fear*
They want want *you* to be afraid to criticize them.
Yes, you. A continent away. In a democracy.
Think about the implications.
7. REASON TO CARE #3:
Think only human rights defenders & journalists get hacked with #Pegasus?
Wrong.
Good chance officials responsible for the national security of YOUR country have been / will be targeted.
Example pic: 2019 #NSOGroup WhatsApp hack.
reuters.com
Think only human rights defenders & journalists get hacked with #Pegasus?
Wrong.
Good chance officials responsible for the national security of YOUR country have been / will be targeted.
Example pic: 2019 #NSOGroup WhatsApp hack.
reuters.com
18. Know who else is saying #NSOGroup must be stopped?
Big tech.
These days they are hitting back hard against the mercenary spyware industry for hacking their products & users.
E.g. this thread by @wcathcart @WhatsApp's CEO.👇
Big tech.
These days they are hitting back hard against the mercenary spyware industry for hacking their products & users.
E.g. this thread by @wcathcart @WhatsApp's CEO.👇
19. #INDIA🇮🇳 (2/)
She accused the Chief Justice of India’s Supreme Court of sexual harassment.
Just days later:
Her phone. Her husband's phone. Their family members..
11 in total then showed up on the #PegasusProject list.
thewire.in
She accused the Chief Justice of India’s Supreme Court of sexual harassment.
Just days later:
Her phone. Her husband's phone. Their family members..
11 in total then showed up on the #PegasusProject list.
thewire.in
20. #FRANCE 🇫🇷 Claude Mangin is campaigning for the release of her husband, a political activist, from a #moroccan prison.
She's in France.
Last month her iPhone 11 was silently hacked w/#Pegasus spyware. A second iPhone she borrowed? Also infected.
washingtonpost.com
She's in France.
Last month her iPhone 11 was silently hacked w/#Pegasus spyware. A second iPhone she borrowed? Also infected.
washingtonpost.com
21. BREAKING: Americans 🇺🇸 including US. Gov. officials are on the #PegasusProject list...
...even the #Biden administration's lead Iran negotiator Robert Malley!
#NSOGroup is an urgent national security problem for the United States.
washingtonpost.com
...even the #Biden administration's lead Iran negotiator Robert Malley!
#NSOGroup is an urgent national security problem for the United States.
washingtonpost.com
22. #MEXICO 🇲🇽: At least *50 people* close to the president ... are on the #PegasusProject spyware list.
They were put there while he was campaigning.
-His wife
-Family members, drivers, doctor
-Aides, chief of staff
-Doctor...
#PegasusProject
Story theguardian.com
They were put there while he was campaigning.
-His wife
-Family members, drivers, doctor
-Aides, chief of staff
-Doctor...
#PegasusProject
Story theguardian.com
23. Paul Rusesabagina inspired Hotel #Rwanda 🇷🇼
He's become a critic of the gov., and was recently thrown in jail.
His American 🇺🇸 daughter, while advocating for his release, has been incessantly surveilled w/ #Pegasus.
#PegasusProject
By @skirchy theguardian.com
He's become a critic of the gov., and was recently thrown in jail.
His American 🇺🇸 daughter, while advocating for his release, has been incessantly surveilled w/ #Pegasus.
#PegasusProject
By @skirchy theguardian.com
24. Policies to stop the global spyware catastrophe?
Experts @davidakaye & @MarietjeSchaake say:
- Immediate moratorium on sale & transfer
-Rule-of-law requirements on users
-Victims must be able to sue
-Global principles of conduct
#PegasusProject
washingtonpost.com
Experts @davidakaye & @MarietjeSchaake say:
- Immediate moratorium on sale & transfer
-Rule-of-law requirements on users
-Victims must be able to sue
-Global principles of conduct
#PegasusProject
washingtonpost.com
25. #INDIA 🇮🇳 (3/) Rahul Gandhi was Prime Minister #Modi's main opponent in the 2019 nat'l elections.
During the campaign, 2 of his phones were put on the #PegasusProject list, and 5 of his friends & fellow Congress party officials.
theguardian.com
During the campaign, 2 of his phones were put on the #PegasusProject list, and 5 of his friends & fellow Congress party officials.
theguardian.com
26. #NSOGroup & #Pegasus spyware customers are issuing panicky, fairy-tale denials.
Here's my take.
#PegasusProject
Here's my take.
#PegasusProject
27. BREAKING: 10 prime ministers, 3 presidents & a king on the #PegasusProject spyware list.
Included, French president @EmmanuelMacron
🇫🇷
Crystal clear: #NSOGroup is a global national security threat.
Story: washingtonpost.com
Included, French president @EmmanuelMacron
🇫🇷
Crystal clear: #NSOGroup is a global national security threat.
Story: washingtonpost.com
Loading suggestions...