Israeli Pegasus spyware allegedly used to hack phones of dozens of Al Jazeera journalists in large-scale attack – report

0
Israeli Pegasus spyware allegedly used to hack phones of dozens of Al Jazeera journalists in large-scale attack - report

Personal phones of some 36 Al Jazeera journalists have been hacked by “government operatives” that used a controversial spying tool by Israel’s infamous NSO Group to snoop on them, a report by Canada’s research lab claims.

The report, released on Sunday by Citizen Lab, a research unit at the University of Toronto specializing in cybersecurity, alleged that the phones belonging to the employees of the Qatar-based media network, including journalists, producers, anchors, and executives, were compromised and hacked with “an invisible zero-click exploit in IMessage” in July and August this year.

The exploit allowed the perpetrators of the attack, which Citizen Lab “with a medium degree of confidence” blamed on “government operatives” from Saudi Arabia and the United Arab Emirates, to infect the phones with spyware without having the journalists to click on malicious links themselves.

In its report, the Citizen Lab said that the clandestine techniques employed in the attack “were sophisticated” and therefore “difficult to detect,” since the “targets” often unaware of anything suspicious going on.

The hack might have remained undetected this time as well if not for the network’s Arabic language channel reporter Tamer Almisshal, who sounded the alarm that his phone might have been spied on and let the researchers monitor his online traffic starting from January 2020. Several months after, in July, the researchers saw his personal phone visiting a website where it got infected with NSO’s group Pegasus spyware without Almisshal’s ever clicking on the link.

The discovery has prompted an wide-ranging search for possible other victims among Al Jazeera stuff, eventually leading to the Citizen Lab and the channel’s IT unit identifying a total of 36 personal phones that had been successfully targeted by the “four NSO group operators.” One of them, who the group nicknamed “Monarchy,” allegedly tapped into 18 phones, while another one – dubbed “Sneaky Kestrel” – spied on 15 phones.

The group said that it believes “Monarchy” was acting on the marching orders from Riadh, since it “appears to target individuals primarily inside Saudi Arabia,” while “Sneaky Kestrel” focused on those journalists who were “primarily inside UAE.” 

The researchers said that the security loophole that facilitated the hack was closed with the IOS 14 update released in September, but noted that until then it had likely been taken advantage on a large scale.

Apple, for its part, appeared to throw weight behind Citzen Lab’s allegations of a state-sanctioned hack, saying that the reported attack “was highly targeted by nation states,” but noted that it could verify the findings of the report.

The Israeli group told the Guardian they would “take all necessary steps,” if it is provided with “credible evidence” that its spying tools were abused.

It’s not the first time the producer of Pegasus spyware kit finds itself in the spotlight in connection with allegations that its tech was used against reporters. Amnesty International reported in June this year that an award-winning Moroco-based journalist Omar Radi fell victim to the same spyware in an attack strikingly similar to the one described by the Citizen Lab.

Last year, WhatsApp confirmed that dozens of Indian lawyers, journalists, and rights activists were among the 1,400 users affected by the snooping software. 

Despite the perpetual controversy surrounding the NSO group, an Israeli court in July sided with the firm and the Israeli Defense Ministry in a case brought by Amnesty International, that demanded a ban on international sales of the software.

Comments are closed.