Report finds NSO Group’s spyware used on Bahraini activists
FILE – This Oct. 30, 2019, file photo show the Oregon State Treasury office in Tigard, Ore. Oregon was Novalpina’s first major investor. Stephen Peel and Stefan Kowski, two founding Novalpina Capital partners, showed up at Oregon treasury offices in the Portland suburb of Tigard in November 2017 to make a pitch to the Oregon Investment Council, which oversees the state’s $90 billion pension fund. Novalpina Capital has been saddled with both an internal dispute among its founding partners and an explosive report showing NSO Group’s spyware has been widely misused around the globe. (AP Photo/Andrew Selsky, File)
RICHMOND, Va. (AP) — Nine activists from Bahrain had their iPhones hacked by advanced spyware made by the Israeli company NSO Group, the world’s most infamous hacker-for-hire firm, a cybersecurity watchdog reported on Tuesday.
Citizen Lab at the University of Toronto said NSO Group’s Pegasus malware successfully hacked the phones between June 2020 and February 2021. Those reportedly hacked included members of the Bahrain Center for Human Rights and two political dissidents living in exile. At least one of the activists lived in London when the hacking occurred, Citizen Lab said.
Citizen Lab said it has “high confidence” that at least four of the activists were hacked by the Bahraini government, which has a history of using commercially available spyware.
One of the activists targeted is Moosa Mohammed, who said he was previously a victim of spyware in 2012.
“When I fled torture and persecution in Bahrain, I thought I would find safety in London but have continued to face surveillance and physical attacks by Gulf regimes,” he said.
The government of Bahrain, a tiny island kingdom off the coast of Saudi Arabia that’s home to the U.S. Navy’s 5th Fleet, has a long history of suppressing dissent. Its embassy did not immediately return a request for comment.
NSO Group said in a statement that it had not yet seen the report, but questioned Citizen Lab’s methods and motives. “If NSO receives reliable information related to the misuse of the system, the company will vigorously investigate the claims and act accordingly,” the company said.
Citizen Lab found that in some instances the malware infected targeted iPhones without the users taking any action — what’s known as a zero-click vulnerability.
Bill Marczak of Citizen Lab said the exploits worked against a recent versions of the iPhone’s operating system, adding that there’s ”no indication that the bugs exploited have been fixed.”
Ivan Krstic, head of Apple Security Engineering and Architecture, said such attacks are costly and often have a short shelf life. “They are not a threat to the overwhelming majority of our users,” he said in a statement, adding that Apple constantly adds new protections for its devices and data.
The new report is the latest unwelcome news for NSO Group. The firm was the focus of recent reports by a media consortium that found the company’s spyware tool Pegasus was used in in several instances of successful or attempted phone hacks of business executives, human rights activists and others around the world.
Those investigations, based on leaked data obtained by the Paris-based journalism nonprofit Forbidden Stories and the human rights group Amnesty International, sparked widespread condemnation of the company.
Last month around 1,000 protesters in Hungary’s capital demanded answers to allegations that the country’s right-wing government used Pegasus to secretly monitor critical journalists, lawyers and business figures. India’s parliament also erupted in protests as opposition lawmakers accused Prime Minister Narendra Modi’s government of using NSO Groups’ product to spy on opponents and others.
France is also trying to get to the bottom of allegations that President Emmanuel Macron and members of his government may have been targeted in 2019 by an unidentified Moroccan security service using Pegasus. Morocco, a key French ally, denied those reports and is taking legal action to counter allegations implicating the North African kingdom in the spyware scandal.
Facebook is currently suing NSO Group in U.S. federal court for allegedly targeting some 1,400 users of its encrypted messaging service WhatsApp with highly sophisticated spyware. That includes users in Bahrain, Facebook said.
Human rights experts working with the United Nations recently called on countries to pause the sale and transfer of spyware and other surveillance technology until they set rules governing its use, with the aim of ensuring that it won’t impinge upon human rights.
Copyright 2019 The Associated Press. All rights reserved.