A senior official with Human Rights Watch who is based in Beirut was found to have been targeted by the infamous Israeli-made spyware Pegasus, in what Apple and Amnesty International said may have been a state-sponsored hack.
Meanwhile, Citizen Lab has revealed two new hacking cases in Poland, as spyware scandals involving NSO Group grow in Israel and abroad.
Lama Fakih, who serves as HRW’s crisis and conflict director and heads the group’s Beirut office, was targeted with Pegasus spyware at least five times between April and August 2021, Human Rights Watch and Amnesty International’s Security Lab found. Her phone underwent a forensic analysis after Apple informed her at the end of November that her iPhone may have been targeted as part of a government-backed operation.
The investigation found that iPhones she used were targeted through what is called a “zero-click” infection, meaning that the spyware was sent to her and installed on her phone without her knowledge or her having to click on any link.
NSO did not respond to the media outlet’s request for comment, but told HRW that they were “not aware of any active customer using [its] technology against a Human Rights Watch staff member.”
NSO sells its spyware to state intelligence services. Once infected with Pegasus, a mobile phone can serve as a remote microphone and camera, with the operator having full access to its content, unbeknownst to the victim.
The investigating groups did not say who may have targeted Fakih, but she said in a statement that “the work I oversee takes place in countries as far ranging as Syria, Myanmar, Israel/Palestine, Kazakhstan, Ethiopia, the United States, Lebanon, and Afghanistan. Part of our work is also on how surveillance technologies have been deployed in illegal, rights-abusing ways.”
- U.S. Venture Capital Firm in Talks to Buy Israel's Infamous Spyware Maker NSO
- NSO Chairman Quits as Cyber Firm Reels From Israeli Police Scandal
- Ex-minister Says He Didn't Know Israel Police Used NSO Spyware
“The news was overwhelming. I felt dread and disbelief” she said after learning two of her phones were infected with the spyware.
New Polish cases
NSO is in the midst of a number of major crises. Last week, the Israeli financial daily Calcalist reported that the Israel Police have been using Pegasus since 2013, utilizing the spyware as part of investigations with no oversight. Protest leaders and mayors accused of corruption were among the targets the police used the spyware against.
After Apple announced that 11 U.S. officials in Uganda were also targeted by a client of the Israeli spyware firm, NSO was placed on a U.S. Department of Commerce blacklist, placing its financial future in jeopardy. The announcements came after the launch of the global Pegasus Project investigation by a consortium of news outlets, including Haaretz and led by Paris-based NGO Forbidden Stories and Amnesty. The investigation compiled a list of thousands of potential targets selected for snooping by NSO clients across the world.
NSO is also at the center of a massive political scandal in Poland where the government recently admitted to purchasing the technology after opposition figures in the country were found to have been targeted.
Two more Poles have been identified as victims of Pegasus, the Associated Press reported late on Monday. The targets, discovered by Citizen Lab, are an agrarian political leader at odds with Poland’s right-wing government and the co-author of a book about the head of Poland’s secret services.
The newest discovery by Citizen Lab cybersleuths broadens the list of those allegedly targeted by state surveillance under Poland’s nationalist government with a tool marketed for use exclusively against criminals and terrorists.
In late December, the University of Toronto-affiliated security researchers determined that a Polish senator, Polish lawyer and a Polish prosecutor – all three critics of Poland’s ruling Law and Justice party – were hacked with NSO’s Pegasus. They were the first confirmations that a tool widely abused globally by repressive governments had been used in the European Union country.
The finding triggered an inquiry in the opposition-controlled Senate.
In its new findings, Citizen Lab found that Michal Kolodziejczak, a 33-year-old farmer and agrarian social movement leader was hacked several times in May 2019. That was months ahead of a fall election in which Kolodziejczak was hoping to have his group, AGROunia, become a formal political party. Support for his movement threatened to eat into a key constituency of the ruling party, farmers and other voters in the Polish countryside. Courts have so far blocked his efforts to form a political party.
The other target was Tomasz Szwejgiert, who says he collaborated for years with Polish secret services before finding himself at odds with powerful figures. He was hacked while co-authoring a book about the head of Poland’s secret services, Mariusz Kaminski. He was hacked 21 times with Pegasus from late March to June of 2019, intrusions that began after he and his collaborators sent questions to the Polish government about Kaminski.
The Associated Press contributed to this report.