NSO's Pegasus spyware used to hack Palestinian activists' phones

NSO was blacklisted by the US Commerce Department last week amid allegations that its spyware was misused.

 A man walks past the logo of Israeli cyber firm NSO Group at one of its branches in the Arava Desert, southern Israel July 22, 2021 (photo credit: REUTERS/AMIR COHEN)
A man walks past the logo of Israeli cyber firm NSO Group at one of its branches in the Arava Desert, southern Israel July 22, 2021
(photo credit: REUTERS/AMIR COHEN)

The mobile phones of six Palestinian rights activists connected to a recent Israeli declaration of six Palestinian NGOs as terror groups were hacked by NSO Group’s Pegasus spyware, Front Line Defenders, Amnesty International and internet security watchdog Citizen Lab said on Monday.

The new findings followed NSO’s blacklisting last week by the US Commerce Department amid allegations its spyware targeted journalists, rights activists and government officials in several countries.

In addition, the announcement comes as there is a continued public relations fight over whether the six Palestinian NGOs are human rights groups or have been operating through a mix of human rights activities and terror in conjunction with the Popular Front for the Liberation of Palestine (PFLP) terror group.

There was a clear move by Front Line Defenders, Amnesty and Citizen Lab collectively to build off the connection to NSO to try to further undermine Israel’s campaign against the Palestinian NGOs.

It was unclear if the Israeli government or some third party working with the Israeli government had used NSO’s technology against the six Palestinians, which would be an unusual case of NSO technology being used within the West Bank on cell phones which are part of the greater Israeli telecommunications umbrella; usually NSO has said it only sells to overseas customers.

ISRAELI CYBER firm NSO Group’s exhibition stand is seen at ISDEF 2019, an international defense and homeland security expo held in Tel Aviv in 2019. (credit: KEREN MANOR)ISRAELI CYBER firm NSO Group’s exhibition stand is seen at ISDEF 2019, an international defense and homeland security expo held in Tel Aviv in 2019. (credit: KEREN MANOR)

NSO, which voiced dismay at the US’s blacklisting move, carries out its exports of cyber products under the oversight of the Defense Ministry.

The Defense Ministry did not immediately comment on the new findings, but has defended NSO vehemently in Israeli courts and before foreign governments, such as France.

An NSO spokesperson responded: “Due to contractual and national security considerations, we cannot confirm or deny the identity of our government customers. As we stated in the past, NSO Group does not operate the products itself; the company licenses approved government agencies to do so, and we are not privy to the details of individuals monitored.”

“NSO Group develops critical technologies for the use of law enforcement and intelligence agencies around the world to defend the public from serious crime and terror. These technologies are vital for governments in the face of platforms used by criminals and terrorists to communicate uninterrupted,” the spokesperson added.

London-based Amnesty and Toronto’s Citizen Lab said they had independently confirmed that Pegasus had been used to hack the Palestinian activists’ phones, after Front Line Defenders, an international rights group, began collecting data in October about the suspected hacking.

Three of the six people work for Palestinian rights groups that Israel designated as terrorist organizations last month, saying they had funneled donor aid to terror operatives. The groups named by Israel have denied the allegations, some of which are based on the Shin Bet’s rough interrogations.

While Israel's supporters see confessions in such interrogations as a way to save lives, critics doubt the veracity of such interrogations.

Stopping short of blaming Israel for the alleged hacking, some of the groups whose workers were said to have been targeted demanded an international investigation.

“We don’t have evidence. We can’t accuse a certain party since we don’t have yet enough information about who carried out that action,” Sahar Francis, director of the Addameer organization, said at a news conference in Ramallah.

“The United Nations is responsible for human rights and for protecting human rights and they have a responsibility to launch such an investigation to make sure that countries don’t exploit this software to repress human rights advocates,” Francis said.

Israel has for years used mobile phone surveillance to track and thwart attacks by Palestinian terrorists, especially since the 2015-2016 “Knife Intifada.”