NSO spyware used to hack phones of Palestinian activists, says report
Three activists, who consented to be named, work for Palestinian civil society groups that Israeli government has designed as terrorist groups
Mobile phones of six Palestinian human rights activists were reportedly hacked in 2020 and 2021 with controversial Pegasus spyware developed by Israeli cyber-surveillance firm NSO Group.
Front Line Defenders (FLD), a Dublin-based international human rights group, says it examined 75 iPhones belonging to Palestinian human rights defenders and determined that six of them were compromised using Pegasus spyware.
FLD's findings were independently confirmed by the technical experts at Citizen Lab and Amnesty International's security lab.
Citizen Lab stated that three of the six activists whose phones were hacked consented to be named. Of them, two are dual nationals - one American and one French - and all three work for Palestinian civil society groups that Israeli government claims are involved in terrorism.
Ubai Aboudi, a 37-year-old economist and US citizen, is among those hacked. He runs the Bisan Center for Research and Development in Ramallah, one of the six groups the Israeli government slapped with terrorist designations last month.
The other two hacked activists who have agreed to be named are attorney Salah Hammouri of Addameer, a human rights organisation, and researcher Ghassan Halaika of the Al-Haq rights group.
It's not clear who placed the spyware on the activists' phones, but four of the six hacked phones exclusively used SIM cards issued by Israeli telecom firms, according to Citizen Lab.
When asked to comment on latest accusations, a NSO Group spokesperson told The Guardian that they do not identify their customers for contractual and national security reasons.
"As we stated in the past, NSO Group does not operate the products itself; the company licence approved government agencies to do so, and we are not privy to the details of individuals monitored," the spokesperson stated.
"NSO Group develops critical technologies for the use of law enforcement and intelligence agencies around the world to defend the public from serious crime and terror. These technologies are vital for governments in the face of platforms used by criminals and terrorists to communicate uninterrupted."
The latest revelation comes days after US blacklisted four surveillance tool suppliers, including the NSO Group, and placed them on the Department of Commerce's Entity List.
The other companies that have been sanctioned by the US government are Israeli firm Candiru, Russian security vendor Positive Technologies and Singapore-based Computer Security Initiative Consultancy.
"NSO Group and Candiru were added to the Entity List based on a determination that they developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers," the Department of Commerce said in a statement.
On Monday, A US appeals court cleared the way for Facebook (now Meta) to sue NSO Group for exploiting a bug in WhatsApp to install Pegasus spyware. NSO had previously claimed immunity from prosecution.
Last month, it emerged that the NSO's Pegasus spyware can no longer be used against mobile phones with UK numbers.
A source close to the Israeli firm told The Guardian that NSO blocked the +44 code in August 2020, immediately after learning that its spyware had been used by the ruler of Dubai, Sheikh Mohammed bin Rashid Al Maktoum, to hack the phones of his ex-wife Princess Haya bint al-Hussein and her attorneys.
In addition to the UK, the source said that Pegasus can no longer be used to target mobile numbers from the United States, Israel, and "all of the Five Eyes" countries.
The members of Five Eyes alliance include Canada, Australia, New Zealand, the UK and the US.