NSO's Pegasus spyware no longer effective in the UK

NSO's Pegasus spyware no longer effective in the UK

Image:
NSO's Pegasus spyware no longer effective in the UK

The Israeli firm blocked the +44 code in August 2020, says a source

Pegasus, the spyware tool developed by Israeli firm NSO Group and said to have been used in hacking campaigns worldwide, can no longer be used against mobile phones with UK numbers.

A source close to the Israeli firm told The Guardian that NSO blocked the +44 code in August 2020, immediately after learning that its spyware had been used by the ruler of Dubai, Sheikh Mohammed bin Rashid Al Maktoum, to hack the phones of his ex-wife Princess Haya bint al-Hussein and her attorneys.

"We shut down completely, hard-coded into the system [Pegasus], to all of our customers. We released a quick update in the middle of the night that none of our customers can work on UK numbers," the source said.

The Guardian's report came after thr UK's top court ruled last week that Dubai's ruler had used Pegasus to spy on his ex-wife during the legal battle over custody of their two children.

Princess Haya, the daughter of the king of Jordan, fled to London in 2019.

In his judgment, Sir Andrew McFarlane, president of the UK High Court's family division, said, "The findings represent a total abuse of trust, and indeed an abuse of power, to a significant extent.

"I wish to make it plain that I regard the findings that I have now made to be of the utmost seriousness in the context of the children ' s welfare."

Agents of Sheikh Mohammed hacked Haya's phone 11 times in July and August last year, with the Sheikh's "express or implied authority".

In addition to the UK, The Guardian's source said that Pegasus can no longer be used to target mobile numbers from the United States, Israel, and "all of the Five Eyes" countries. The members of Five Eyes alliance include Canada, Australia, New Zealand, the UK and the US.

The revelation suggests that the spyware tool may still be used to target phones in other NATO countries in Europe.

The NSO Group has long been accused of selling its surveillance tools to repressive government and leaders, who then use them to target activists and opponents.

In July, Paris-based non-profit Forbidden Stories and Amnesty International said Pegasus may have been used to snoop on more than 1,000 journalists, rights activists and other prominent individuals, from about 50 countries.

The allegations were based on a list of more than 50,000 phone numbers, believed to belong to potential targets of interest to NSO's clients.

It was unclear where the list came from or exactly how many devices were compromised, although forensic analysis of 37 phones whose numbers appeared on the list showed evidence of "attempted and successful" hacks.

The majority of phone numbers in the list were from Mexico, Saudi Arabia, the United Arab Emirates, India, Bahrain, Azerbaijan, Hungary, Kazakhstan, Morocco, and Rwanda. The database included the numbers of activists, journalists, business executives, politicians, heads of state, the members of the Qatari royal family, and 180 journalists, including from the New York Times, the FT, i and Al Jazeera.

French President Emmanuel Macron's phone number was one of those that appeared on the list.

The French government pressed Israel to mount an inquiry into the use of the surveillance software, after the Israeli authorities inspected the NSO Group's offices.

The Israeli Defence Ministry said that "representatives from a number of bodies" visited NSO Group to examine "the publications and allegations raised in its case."

The Ministry did not specify which agencies were involved in the investigation, but local media said the justice ministry, foreign ministry, military intelligence and Mossad were looking into the firm following the allegations.