Sunday, July 18, 2021

Israeli spyware used to target phones of journalists and activists, investigation finds-CNBC

I justified the New York Times as my solo go-to news outlet because, I reasoned, even if the Times doesn't have it first, it will have it eventually. Not this story. It is nowhere to be found on the Times webpage. The investigation was carried out by the Washington Post and sixteen other news organizations. The New York Times was not among them. 

The military-grade spyware was reportedly licensed by the Israeli spyware firm NSO Group. [The spyware was called Pegasus.]

The list of numbers were shared with the Post and other media organizations by Paris-based journalism nonprofit Hidden Stories and human rights group Amnesty International.
(cnbc)

Spyware used to target journalists and activists around the world, reports indicate
(Politico)
Among those targeted for hacking were two women connected to murdered Saudi journalist Jamal Khashoggi and Cecilio Pineda Birto, a Mexican journalist who was slain in 2017. The phone numbers on the devices targeted for hacking included hundreds of world leaders, business executives, activists and other journalists. Thousands of other numbers were not immediately identified, with the largest number of those being for Mexican phones.
...
The investigation involved Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International. The media partners on the project include The Washington Post, PBS Frontline, the Guardian in England, Le Monde in France, Haaretz in Israel and others.

Hidden Stories, Forbidden Stories--I guess cnbc and/or Politico were not in on the investigation.  Haaretz was. The Guardian was. Le Monde was. The New York Times was not. Why not Quasi's?

Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones. 
Forbidden Stories, a Paris-based nonprofit media organisation, and Amnesty International initially had access to the leaked list and shared access with media partners as part of the Pegasus project, a reporting consortium.

The Guardian and its media partners will be revealing the identities of people whose number appeared on the list in the coming days. They include hundreds of business executives, religious figures, academics, NGO employees, union officials and government officials, including cabinet ministers, presidents and prime ministers.

The disclosures begin on Sunday, with the revelation that the numbers of more than 180 journalists are listed in the data, including reporters, editors and executives at the Financial Times, CNN, the New York Times, France 24, the Economist, Associated Press and Reuters.

You see Quasi's, you're involved.

The Israeli minister of defence closely regulates NSO, granting individual export licences before its surveillance technology can be sold to a new country.

Simply by placing a WhatsApp call to a target device, malicious Pegasus code could be installed on the phone, even if the target never answered the call. More recently NSO has begun exploiting vulnerabilities in Apple’s iMessage software, giving it backdoor access to hundreds of millions of iPhones. Apple says it is continually updating its software to prevent such attacks.

Amnesty [International]’s lab has discovered traces of successful attacks by Pegasus customers on iPhones running up-to-date versions of Apple’s iOS. The attacks were carried out as recently as July 2021.

Once installed on a phone, Pegasus can harvest more or less any information or extract any file. SMS messages, address books, call history, calendars, emails and internet browsing histories can all be exfiltrated.

(The Guardian)

Israel, Israel, Israel, we hardly knew ya.