A leading Russian journalist has had her phone compromised using Israeli spyware, researchers said Wednesday, the latest sign that phone hacking tools are being used to spy on media workers and opposition figures worldwide.
A joint investigation by Canadian Internet watchdog Citizen Lab and digital rights group Access Now found that the phone of Galina Timchenko had been infected using spyware built by the Israeli company NSO Group. The infection began on or around Feb. 10, 2023, the researchers said. They did not identify who would have deployed it.
Timchenko – the co-founder and publisher of independent Russian news outlet Meduza – was in Berlin at the time of the hack, the researchers said.
Media defense groups condemned the alleged surveillance, with the Committee to Protect Journalists saying, "Journalists and their sources are not free and safe if they are spied on." Timchenko was quoted in a story published by Meduza on Wednesday as saying the hacking left her feeling "like I'd been stripped naked in the town square."
NSO told The Jerusalem Post it "only sells its technologies to allies of the US and Israel and always investigates credible allegations of misuse, taking prompt action if warranted." NSO has admitted in the past to several cases of clients abusing its technology, leading it to cut off its continued access to the technology.
Further, the Post understands that Russia has never been a client of NSO.
Did Russia get ahold of NSO technology?
A tougher question was whether a third-party client country of NSO might have carried out spying on Russia's behalf, in violation of their NSO contract.
Even this might run into issues, as each NSO contract contains geographic limits, and these limits might have blocked even an "abusive" client from acting against Timchenko in the areas where she was living.
Finally, for nearly two years, a US partial black listing of NSO has led the Israeli Defense Ministry to cut back which countries it would allow NSO and other cyberoffense firms to sell to.
At the same time, some technologies that are very similar to NSO's have been mistaken for NSO in recent years, especially as the company achieved notoriety for cases that were proven to be its technology.
There have also been cases where NSO tried to stonewall allegations, which were later confirmed to be connected to its clients.
Researchers, lawmakers, and journalists have repeatedly accused NSO of helping governments spy on political opponents and undermine independent reporting.
Timchenko is a particularly high-profile alleged victim. One of the pillars of Russia's independent media scene, she set up Meduza in Latvia after being fired as the editor of one of Russia's most popular news websites for falling foul of the authorities. The outlet has since become a prominent source of news amid Russia's full-scale invasion of Ukraine.
Yonah Jeremy Bob contributed to this report.