Israeli NSO Spyware Found on Phones of Jordanian, Bahraini Women’s Rights Activists

The hacking of Ebtisam Al-Saegh and Hala Ahed Deeb's phones with NSO’s Pegasus highlights the gendered threat that spyware poses to female activists, a report by Front Line Defenders says

Omer Benjakob
Omer Benjakob
Send in e-mailSend in e-mail
Ebtisam Al-Saegh and Hala Ahed Deeb, two women's rights activists from Bahrain and Jordan, respectively, were found to have been hacked using NSO's Pegasus spyware
Ebtisam Al-Saegh and Hala Ahed Deeb, two women's rights activists from Bahrain and Jordan, respectively, were found to have been hacked using NSO's Pegasus spyware Credit: Front Line Defenders
Omer Benjakob
Omer Benjakob

The phones of two activists for women's rights in the Arab world were found to have been infected by Pegasus spyware developed by the Israeli offensive cyber firm NSO group.

A digital forensics investigation revealed the findings early Monday in a report that highlighted the gendered aspect of hacking and underscored the unique threat such spyware poses to female targets.

In response to the investigation, NSO Group said: “We cannot directly comment on a report we haven’t seen, nor investigate based on names received in a press inquiry.”

The investigation, conducted by Ireland-based human rights group Front Line Defenders, examined the mobile phone of Bahraini human rights activist Ebtisam Al-Saegh and found it had been hacked at least eight times between August and November 2019 by a client using NSO’s Pegasus spyware. Al-Saegh had been arrested in Bahrain for her activism in the past and has faced persecution for her work.

The phone of Jordanian human rights lawyer Hala Ahed Deeb was also found to have been infected with Pegasus since March 2021, the report said. In addition to representing the country’s biggest union, Deeb, a prominent feminist, also served as the head of the legal committee of the Jordanian Women's Union.

Protestors hold placards and a banner during a protest outside the offices of the Israeli cyber firm NSO Group in Herzliya, in July. Credit: NIR ELIAS/ REUTERS

Amnesty International’s Security Lab and Citizen Lab confirmed that the software had infiltrated Al-Saegh and Deeb's phones in an investigation that also included digital rights group Access Now.

The report on the investigation, led by Front Line Defenders’ Mohammed Al-Maskati, stressed that women targeted by this spyware face risks beyond those of their male peers. “The malicious capabilities that Pegasus spyware provides to perpetrators not only strip women of privacy, the surveillance also destroys the inviolability of their homes and immediate surroundings. Friends and relatives distance themselves in fear of also being harmed or surveilled," it reads.

“For women targets, digital surveillance is a ticking bomb. They live in fear of how their personal information, including private photos, videos, and conversations, could be used against them at any given point, opening the door for harassment and abuse."

They are not the first women targeted by the spyware who have faced such a threat. Over the summer, an international consortium of journalists, led by Paris-based NGO Forbidden Stories in collaboration with Amnesty International’s Security Lab, published a major investigation into a leak of 50,000 potential targets selected for possible snooping by NSO’s clients. Haaretz participated in the investigation.

Among the victims revealed by the investigation to have been targeted was Khadija Ismayilova, an investigative journalist from Azerbaijan. “All night I’ve been thinking about what did I do with my phone,” she told Forbidden Stories at the time, adding that her family members have become victims of this hack as well. “The sources are victimized, people I’ve been working with, people who told me their private secrets are victimized.”

Responding to Monday's claims, NSO Group said, “NSO’s firm stance on these issues is that the use of cyber tools in order to monitor dissidents, activists and journalists, regardless of their gender, is a severe misuse of any technology and goes against the desired use of such critical tools.

"The international community should have zero tolerance policy towards such acts, therefore a global regulation is needed. NSO has proven in the past it has zero-tolerance for these types of misuse, by terminating multiple contracts.”

NSO was recently blacklisted by the U.S. Department of Commerce, along with another Israeli cyber firm called Candiru. NSO was likely placed on the U.S. blacklist because its software was allegedly used by one of its clients to target at least 11 U.S. officials Uganda.

Click the alert icon to follow topics:



Automatic approval of subscriber comments.

Subscribe today and save 40%

Already signed up? LOG IN


Election ad featuring Yair Lapid in Rahat, the largest Arab city in Israel's Negev region.

This Bedouin City Could Decide Who Is Israel's Next Prime Minister

Dr. Claris Harbon in the neighborhood where she grew up in Ashdod.

A Women's Rights Lawyer Felt She Didn't Belong in Israel. So She Moved to Morocco

Mohammed 'Moha' Alshawamreh.

'It Was Real Shock to Move From a Little Muslim Village, to a Big Open World'

From the cover of 'Shmutz.'

'There Are Similarities Between the Hasidic Community and Pornography’

A scene from Netflix's "RRR."

‘RRR’: If Cocaine Were a Movie, It Would Look Like This

Prime Minister Yair Lapid.

Yair Lapid's Journey: From Late-night Host to Israel's Prime Minister