The phones of two activists for women's rights in the Arab world were found to have been infected by Pegasus spyware developed by the Israeli offensive cyber firm NSO group.
A digital forensics investigation revealed the findings early Monday in a report that highlighted the gendered aspect of hacking and underscored the unique threat such spyware poses to female targets.
In response to the investigation, NSO Group said: “We cannot directly comment on a report we haven’t seen, nor investigate based on names received in a press inquiry.”
The investigation, conducted by Ireland-based human rights group Front Line Defenders, examined the mobile phone of Bahraini human rights activist Ebtisam Al-Saegh and found it had been hacked at least eight times between August and November 2019 by a client using NSO’s Pegasus spyware. Al-Saegh had been arrested in Bahrain for her activism in the past and has faced persecution for her work.
The phone of Jordanian human rights lawyer Hala Ahed Deeb was also found to have been infected with Pegasus since March 2021, the report said. In addition to representing the country’s biggest union, Deeb, a prominent feminist, also served as the head of the legal committee of the Jordanian Women's Union.
Amnesty International’s Security Lab and Citizen Lab confirmed that the software had infiltrated Al-Saegh and Deeb's phones in an investigation that also included digital rights group Access Now.
The report on the investigation, led by Front Line Defenders’ Mohammed Al-Maskati, stressed that women targeted by this spyware face risks beyond those of their male peers. “The malicious capabilities that Pegasus spyware provides to perpetrators not only strip women of privacy, the surveillance also destroys the inviolability of their homes and immediate surroundings. Friends and relatives distance themselves in fear of also being harmed or surveilled," it reads.
- Citizen Lab vs. NSO: The Institute Taking Down Israel's 'Mercenary Spyware' Firms
- The Arab Spring Was a Revolt Against the Patriarchy, Israeli Scholar Says
- El Salvador Journalists, Activists Hacked by NSO Spyware, Investigation Finds
“For women targets, digital surveillance is a ticking bomb. They live in fear of how their personal information, including private photos, videos, and conversations, could be used against them at any given point, opening the door for harassment and abuse."
They are not the first women targeted by the spyware who have faced such a threat. Over the summer, an international consortium of journalists, led by Paris-based NGO Forbidden Stories in collaboration with Amnesty International’s Security Lab, published a major investigation into a leak of 50,000 potential targets selected for possible snooping by NSO’s clients. Haaretz participated in the investigation.
Among the victims revealed by the investigation to have been targeted was Khadija Ismayilova, an investigative journalist from Azerbaijan. “All night I’ve been thinking about what did I do with my phone,” she told Forbidden Stories at the time, adding that her family members have become victims of this hack as well. “The sources are victimized, people I’ve been working with, people who told me their private secrets are victimized.”
Responding to Monday's claims, NSO Group said, “NSO’s firm stance on these issues is that the use of cyber tools in order to monitor dissidents, activists and journalists, regardless of their gender, is a severe misuse of any technology and goes against the desired use of such critical tools.
"The international community should have zero tolerance policy towards such acts, therefore a global regulation is needed. NSO has proven in the past it has zero-tolerance for these types of misuse, by terminating multiple contracts.”
NSO was recently blacklisted by the U.S. Department of Commerce, along with another Israeli cyber firm called Candiru. NSO was likely placed on the U.S. blacklist because its software was allegedly used by one of its clients to target at least 11 U.S. officials Uganda.