NSO Group, which produces controversial spyware that has been used to monitor many journalists and human rights activists, continues to refine its functionality to ensure its effectiveness and make it more difficult to detect.
The Citizen Lab in Toronto, a specialized research center that has been documenting the activities of the Israeli firm for years, says it has detected three new methods used in 2022 by Pegasus to “infect” cell phones and make their content accessible to system operators. .
These methods allow the spyware to be installed remotely without any intervention from the owner of the device, who usually has no idea what is going on.
The designers of NSO Group are also trying “aggressively” to remove internal data that could testify to the infection of the targeted phones, notes in an interview one of the researchers responsible for the report, John Scott-Railton.
“Pegasus will become even harder to find on phones, which should be a worrying topic for all governments” concerned about the risk of abuse, he adds.
New methods
The Citizen Lab detected the new infection methods identified by working in collaboration with a specialized center in Mexico.
In particular, two senior members of a human rights center in the country had their devices infected last year. They were targeted while working on abuses attributed to the Mexican army, which is implicated in particular in the “disappearance” in 2015 of a group of forty students.
One of the activists, Jorge Santiago Aguirre Espinosa, who heads the Mexican center, had previously been targeted in 2017 with the spyware.
Without drawing a definitive conclusion, the Citizen Lab notes that the activities of the affected activists and evidence of the military’s role in past espionage attempts with Pegasus suggest that the Mexican state played a role in the newly identified cases.
“The misuse of Pegasus continues”
Mr. Scott-Railton notes that the research center has discovered almost every year since 2016 new cases of infection in the country.
Mexican President Andrés Manuel López Obrador assured when he took power in 2018 that “this type of practice was going to stop, but this [que le centre de recherche] found demonstrates that the misuse of Pegasus continues,” notes the researcher.
The fact that NSO Group allows a “serial abuser” like Mexico to continue using its software demonstrates, he adds, that the firm does not care about human rights violations that may occur through it. .
The Israeli company – which did not respond to an interview request from The Press – maintains that Pegasus is a valuable tool for security forces to combat serious crime and terrorism.
NSO Group tries to follow the strategy of the big tobacco companies who kept repeating that their product could not have a negative effect. The time has come for them to assume their responsibilities.
John Scott-Railton, co-editor of the report
Multiplication of reports
France-Isabelle Langlois, who heads the French-Canadian section of Amnesty International, is not surprised to learn that the company is continuing to work to make its spyware even harder to detect.
“They never wanted to recognize that Pegasus was used for purposes other than those they officially name,” she notes.
This position seems untenable, note Mme Langlois, as reports mount that journalists, human rights activists, trade unionists and politicians have been targeted with the spyware in many countries.
Several lawsuits have been launched against the company, notably in the United States, where Meta is demanding accountability from NSO Group by accusing it of having used a flaw in its application. WhatsApp to infect over a thousand devices.
The US government said in November 2021 that the Israeli firm would be blacklisted because of its practices. The European Parliament has set up a committee of inquiry to shed light on the use of Pegasus and other similar software.
In a joint statement made public at the end of March, a dozen countries, including Canada, indicated that strict controls must be introduced both at national and international level to avoid abuses.
“It will take a lot of willpower on the part of political leaders. However, this leadership is not assumed for the moment. If we ask a politician what he intends to do, he will say that it is important to act, but from there to making a gesture, there is a step, ”underlines Mr.me Langlois.
This ambivalence, she says, stems in part from the fact that security forces in many countries are reluctant to give up such powerful technology.
“Too many people think that there are good reasons to have this type of system. It won’t be easy to find a solution,” concludes Mr.me Langlois.