Skip to main content

Israeli firm NSO Group tied to high-level hacks

A sweeping investigation found the names of world leaders, human rights defenders and journalists included on a leaked list of 50,000 alleged surveillance targets.
JACK GUEZ/AFP via Getty Images

Military-grade spyware developed by Israeli cyber-surveillance company NSO Group has been used to successfully hack the smartphones of journalists, politicians, activists and business leaders, an investigation by a consortium of international media outlets said Sunday. 

Using a leaked list of more than 50,000 cell phone numbers, journalists at 17 media outlets identified over 1,000 people across more than 50 countries who were selected as potential targets by NSO Group’s clients. They include more than 180 journalists from outlets including CNN, The Associated Press, The Wall Street Journal and The New York Times, according to the media probe, which was published in coordination with Paris-based nonprofit Forbidden Stories and Amnesty International. 

The report notes that without analyzing the devices, it’s impossible to know which of the 50,000 cell phone numbers were hacked with NSO Group’s Pegasus software, which researchers say gives customers access to a phone’s contents and the ability to remotely access the camera and microphone. The investigation was able to confirm the attempted and successful hacks of 37 smartphones that appeared on the list. 

The Israeli surveillance firm says it will investigate the potential human rights abuses revealed Sunday, but told The Assiciated Press that it has never maintained “a list of potential, past or existing targets.” 

NSO Group says it licenses Pegasus and other surveillance tools on the condition that governments use them to fight terrorism and other crime. Its customers reportedly include the governments of Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia and the United Arab Emirates. 

On Monday, a liberal party in Israel’s governing coalition said it would discuss NSO Group exports during a meeting with Defense Minister Benny Gantz. 

The sweeping investigation published Sunday adds to the wave of criticism against NSO Group, which is facing an array of lawsuits filed by Facebook and alleged victims. Amid the fresh scrutiny of NSO Group, here’s a look at other alleged hacks linked to the firm’s highly sophisticated spyware. 

Moroccan journalist Omar Radi 

Amnesty International accused the Morrocan government of using NSO Group’s Pegasus spyware to hack the phone of Moroccan journalist Omar Radi, who was sentenced on Monday to six years in prison in a trial slammed by rights groups. 

Amnesty previously alleged that Radi’s phone was subjected to a series of attacks using “a sophisticated new technique” that installed the software on his device without him knowing. Hacks in 2019 and 2020 reportedly gave the attacker full access to the phone’s camera, microphone and data, including emails and messages. 

UAE rights campaigner Ahmed Mansoor 

Award-winning Emirati human rights defender Ahmed Mansoor’s cell phone was reportedly targeted in 2016. According to Citizen Lab, a digital watchdog and research organization at the University of Toronto, Mansoor received text messages on his iPhone promising “new secrets” about alleged torture in the United Arab Emirates’ jails — if he clicked on a link included in the messages. 

He didn’t click and instead sent the messages to Citizen Lab researchers, who determined the links were part of an exploit infrastructure tied to NSO Group. Mansoor, 51, is currently serving a 10-year sentence in the UAE over what rights groups say is retaliation for his peaceful criticism of the government. 

Saudi dissidents before Khashoggi murder

Several associates of slain Washington Post columnist Jamal Khashoggi, including Yahya Assiri, Omar Abdulaziz and Ghanem Al Masari, were reportedly hacked with NSO’s software, security researchers say. Abdulaziz, a Canada-based dissident, filed a lawsuit in Israel charging that Saudi intelligence operatives infected his phone with Pegasus in order to spy on his conversations with Khashoggi.  

Just four days after his murder, Pegasus was installed on the phone of Khashoggi’s fiancée Hatice Cengiz, the consortium of media organizations said Sunday. His son Abdullah was also selected as a target, likely by the Emirati government, the analysis of leaked data showed. 

Asked about Khashoggi’s murder, Shalev Hulio, NSO Group’s chief executive, told CBS’ "60 Minutes" in March 2019 that the Israel-based company had “nothing to do with this horrible murder.”

Amazon founder Jeff Bezos 

In January 2020, a group of United Nations rights experts called for an immediate investigation into the hacking of Jeff Bezos’ phone, which they concluded was likely conducted using Pegasus or similar malware

Bezos’ security adviser concluded that Saudi Arabia was behind the hack and had gained access to the billionaire’s private information. A forensic analysis of the Washington Post owner’s phone in 2019 assessed with “medium to high confidence" it was exploited through a WhatsApp exchange with Saudi Crown Prince Mohammed bin Salman. 

The Israeli firm denied its technology was used to target Bezos’ phone and said it was “shocked and appalled” by the allegation. 

Mexican government critics

In Mexico, a number of journalists, human rights lawyers and activists have reportedly been targeted with Pegasus, including the widow of murdered journalist Javier Valdez Cardenas. According to Citizen Lab, NSO Group’s spyware tried to gain access to her phone within a week of his death in May 2017. 

Former Mexican President Enrique Pena Nieto acknowledged in 2017 that his government had purchased Pegasus, but denied using the malware to spy on critics.

Join hundreds of Middle East professionals with Al-Monitor PRO.

Business and policy professionals use PRO to monitor the regional economy and improve their reports, memos and presentations. Try it for free and cancel anytime.

Free

The Middle East's Best Newsletters

Join over 50,000 readers who access our journalists dedicated newsletters, covering the top political, security, business and tech issues across the region each week.
Delivered straight to your inbox.

Free

What's included:
Our Expertise

Free newsletters available:

  • The Takeaway & Week in Review
  • Middle East Minute (AM)
  • Daily Briefing (PM)
  • Business & Tech Briefing
  • Security Briefing
  • Gulf Briefing
  • Israel Briefing
  • Palestine Briefing
  • Turkey Briefing
  • Iraq Briefing
Expert

Premium Membership

Join the Middle East's most notable experts for premium memos, trend reports, live video Q&A, and intimate in-person events, each detailing exclusive insights on business and geopolitical trends shaping the region.

$25.00 / month
billed annually

Become Member Start with 1-week free trial

We also offer team plans. Please send an email to pro.support@al-monitor.com and we'll onboard your team.

What's included:
Our Expertise AI-driven

Memos - premium analytical writing: actionable insights on markets and geopolitics.

Live Video Q&A - Hear from our top journalists and regional experts.

Special Events - Intimate in-person events with business & political VIPs.

Trend Reports - Deep dive analysis on market updates.

All premium Industry Newsletters - Monitor the Middle East's most important industries. Prioritize your target industries for weekly review:

  • Capital Markets & Private Equity
  • Venture Capital & Startups
  • Green Energy
  • Supply Chain
  • Sustainable Development
  • Leading Edge Technology
  • Oil & Gas
  • Real Estate & Construction
  • Banking

Start your PRO membership today.

Join the Middle East's top business and policy professionals to access exclusive PRO insights today.

Join Al-Monitor PRO Start with 1-week free trial