Unsurprisingly, the NSO Group’s Malware Is Targeting Activists Again

Unsurprisingly, the NSO Group’s Malware Is Targeting Activists Again
Photo: JOEL SAGET/AFP, Getty Images

The iPhones of nine Bahraini political activists were recently hacked using the NSO Group’s spyware Pegasus, according to a new report put out by researchers.

The digital intrusions, which targeted people connected to the Bahrain Centre for Human Rights, as well members of domestically banned political organisations, occurred at various points between June 2020 and February 2021, according to Citizen Lab, a research unit with the University of Toronto.

In all of the cases, hackers used NSO’s “zero-click” iMessage exploit, a powerful attack that requires no phishing and merely takes advantage of security weaknesses in the messaging app’s code to compromise a device.

The company’s powerful commercial malware, Pegasus, is capable of totally compromising a target’s phone, allowing a user to read texts, listen in on calls, hijack a device’s mic and camera, log keystrokes and much more.

Citizen Lab attributes at least four of the hacks to the government of Bahrain — which it characterises as “well-known abuser of spyware,” and which has reportedly been using NSO’s products since 2017. At least one of the other victims may have been hacked by another government, researchers write.

“Bahrain has a history of brutal repression of dissent,” researchers write, further noting that the government “employs a number of methods to block or suppress internet content.”

For years, NSO has been accused of aiding corrupt governments as they spied on political dissidents, journalists, and human rights activists. Such claims gained further legitimacy earlier this year with the publication of the “Pegasus Project,” a large journalistic exposé into the Israeli spyware firm’s business practices. The project revealed a leaked list of approximately 50,000 phone numbers — which researchers say represents “potential surveillance targets” of Pegasus. The list has been confirmed to include the numbers of world dignitaries, including presidents, former prime ministers, and a king.

NSO has continually defended itself against accusations of impropriety — frequently claiming that its products are merely used to fight “terrorism” and catch pedophiles. The company says it only sells to military and intelligence agencies and has aggressively derided the Pegasus Project’s findings, calling them “baseless.”

“As always, if NSO receives reliable information related to misuse of the system, the company will vigorously investigate the claims and act accordingly based on the findings,” the company told The Guardian, in response to the recent Bahrain allegations.

However, critics say the company is basically full of it.

“Despite a half-decade of being implicated in human rights abuses, NSO Group regularly claims that they are, in fact, committed to protecting human rights,” the report reads. “However, this purported concern is contradicted by a growing mountain of evidence that its spyware is used by authoritarian regimes against human rights activists, journalists, and other members of civil society.”