Spyware manufactured by the NSO Group has been used to hack droves of high-profile European politicians and activists, The New Yorker reports. Those targeted allegedly included phones connected to the networks of the British Foreign Office and the office of British Prime Minister Boris Johnson, as well as dozens of members of the Catalan independence movement.
The report is partially based on a recently published analysis by Citizen Lab, a digital research unit with the University of Toronto that has been at the forefront of research into the spyware industry’s shadier side.
Citizen Lab staff told the New Yorker that mobile devices connected to the British Foreign Office were hacked with Pegasus five times between July 2020 and June 2021. A phone connected to the office of 10 Downing Street, where British Prime Minister Boris Johnson works, was reportedly hacked using the malware on July 7, 2020. British government officials confirmed to the New Yorker that the offices appeared to have been targeted, while declining to specify NSO’s involvement.
Citizen Lab staff told the New Yorker that the United Arab Emirates is suspected to be behind the spyware attacks on 10 Downing Street. The UAE has been accused of being involved in a number of other high-profile hacking incidents involving Pegasus spyware.
According to Citizen Lab, at least 65 people connected to the Catalan independence movement have been targeted with spyware. Of those, 63 were “targeted or infected” with Pegasus, according to the report. Four others were allegedly targeted with spyware developed by Candiru, another Israeli surveillance company. Members of the European Parliament, legislators and jurists, civil society organisation members, Catalan Presidents, and, in some cases, the family members of people connected to the independence movement, are all said to have been targets.
NSO’s spyware is more broadly used in Europe than previously known, according to The New Yorker. “Almost all governments in Europe are using our tools,” the company’s CEO, Shalev Hulio, told the magazine in an interview. Following surveillance scandals, multiple European governments have copped to using the firm’s services — including Germany, Hungary, and Poland. But across the Atlantic, there appears to be interest, too. In January, The New York Times reported that the FBI and the U.S. Justice Department had spent close to two years considering whether to procure an NSO tool that could reportedly hack any phone in the U.S. FBI Director Chris Wray later claimed that the FBI had been conducting “counterintelligence” on tools that could hack Americans.
As usual, NSO has denied the most recent report. The company told the New Yorker: “These allegations are, yet again, false.” The company has long maintained that its products are only used in conventional law enforcement investigations despite evidence to the contrary. We reached out to NSO for comment and will update this story if they respond.