Skip to main content

Human Rights Watch staffer hacked with Pegasus spyware

A digital forensic analysis determined phones belonging Lama Fakih, HRW’s crisis and conflict director, were hacked between April and August 2021.
Amir Levy/Getty Images

A top staffer for Human Rights Watch was allegedly hacked with spyware developed by Israeli cyberfirm NSO Group. 

Lama Fakih, a dual US-Lebanese citizen, was targeted with NSO’s controversial Pegasus spying tool five times between April and August 2021, the New York-based rights group said. 

Fakih, who is HRW’s crisis and conflict director and head of the group’s Beirut office, was notified by Apple in November that state-sponsored attackers may be targeting her personal iPhone. HRW’s digital forensic analysis then determined that Fakih’s current and old phones had been infected with Pegasus. 

The rights group said Fakih’s phones were targeted in so-called “zero-click” attacks, which install the spyware without requiring the owner to click on a malicious link. HRW’s findings were confirmed by Amnesty International’s Security Lab. 

NSO Group is best known for its Pegasus software, which cyber experts say can be used to remotely access a phone’s contents, camera and microphone. The Israeli firm has pushed back on reports that its hacking technologies have been used to commit human rights abuses and says it licenses Pegasus to governments that are fighting terrorism and other crime. 

Fakih’s work involves documenting rights abuses in countries including Syria, Myanmar, Israel and the Palestinian territories, Afghanistan and the United States. HRW said her work might have attracted the attention of foreign governments that are suspected NSO clients. 

“Governments are using NSO Group’s spyware to monitor and silence human rights defenders, journalists and others who expose abuse,” Deborah Brown, HRW’s senior digital rights researcher and advocate, said in a statement. 

“That it has been allowed to operate with impunity in the face of overwhelming evidence of abuse not only undermines efforts by journalists and human rights groups to hold powerful actors to account, but also puts the people they are trying to protect in grave danger,” Brown said.  

NSO Group told HRW that it is “not aware of any active customer using [its] technology against a Human Rights Watch staff member” but that the firm would assess whether an investigation is warranted. 

The Human Rights Watch report is the latest scandal to embroil NSO, which was thrust into the spotlight in July when an investigation revealed that the company’s military-grade spyware had been used to successfully hack the smartphones of journalists, politicians, activists, heads of state and business leaders around the world. 

Using a leaked list of more than 50,000 phone numbers, journalists at 17 media outlets identified over 1,000 people across more than 50 countries who were selected as potential targets by NSO Group’s clients. The phone numbers of the ruler of Dubai’s daughter and his ex-wife, French President Emmanuel Macron and the fiancee of slain Washington Post columnist Jamal Khashoggi were reportedly included in the list. 

The HRW report came a day after NSO’s former chair, Asher Levy, said he had stepped down from his position, but denied his departure was linked to the recent controversies. 

In November, the US Department of Commerce added the Israeli spyware firm to its economic blacklist. The next month, reports emerged that the phones of at least nine State Department employees based in Uganda or whose work focused on the East African country were hacked with NSO’s software. 

Earlier this month, a digital forensic investigation found the cell phones of dozens of El Salvador-based journalists and activists were targeted with Pegasus. The hacks reportedly occurred when Salvadoran news organizations were covering sensitive issues involving President Nayib Bukele's administration.