Revealed: leak uncovers global abuse of cyber-surveillance weapon
Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests
UAE linked to listing of hundreds of UK phones in Pegasus project leak
A special investigation into NSO Group, which sells hacking spyware to governments
The Washington Post:
Invisible surveillance: How spyware is secretly hacking smartphones
How Pegasus works, who is vulnerable and why it’s hard to protect yourself from hacks
Prime ministers, presidents and a king found on list that includes phone numbers targeted by spyware
All this with no inkling of where those 50000 names were obtained from or how they established a link between that list and Pegasus.
From a cherry-picked list of 67 numbers of which 37 were found to contain it - how do you establish a "link" between the list and Pegasus with that kind of sample?
What looks like propaganda?
> The leak contains a list of more than 50,000 phone numbers that, it is believed, have been identified as those of people of interest by clients of NSO since 2016.
> The analysis also uncovered some sequential correlations between the time and date a number was entered into the list and the onset of Pegasus activity on the device, which in some cases occurred just a few seconds later.
Suggesting it may be a superset of pegasus targets. They managed to examine 57 phones on the list and found that 37 were infected.
"The group also publishes Yedioth Ahronoth, the country's most widely circulated newspaper. The founder and publisher is Yoel Esteron, formerly the managing editor for Yedioth Ahronoth, and its editor is Galit Hemi. It is circulated nationwide and its articles feature regularly in the biggest Israeli news website 'Ynet' as well as in the printed edition of Yedioth Ahronoth."
Maybe it would “ping” these numbers to see if they got ported to a vulnerable device/version but otherwise sit and follow them?
Or users could attack a device if they’re out of country but not if they’re in-country? Or vice versa?
It can be that the project just compiled a list of 50,000 high value targets and then assessed which of these has been targeted.
37 phone calls from journalists and human rights activists, on which forensic evidence was found that was pasted in Pegasus or was the target of the spyware.
So of the list of 50000 phone numbers 37 had evidence of Pegasus.
And no one knows where the list of 50000 came from.
So assuming that their sample is representative that would be 28906/50000 phones with Spyware on them.
"Amnesty, and the investigative journalists and media outlets they work with made it clear from the outset in very clear language that this is a list of numbers marked as numbers of interest to NSO customers"
.. and that is the real scandal. Even if Pegasus didn't actually hack eg Macrons iPhone, a spying company in a democratic state should not have his phone number. Of course, it could have been added to the list by the whistleblower, but the time when it was supposedly added (before a major conference with Marocco) and all the other numbers from his cabinet make this unlikely (what kind of whistleblower just knows phone numbers from powerful people around the world?)
He is very tech-savvy and security-conscious, having been the target of Putin's election interference (Putin was trying to get the far-right candidate Marine Le Pen elected, just as he has supported the far-right AfD party in Germany), but his party had a better response than most because he had appointed tech entrepreneur Mounir Mahjoubi to lead its cybersecurity.
For classified or state business, he has a special Samsung Galaxy S7 with modified firmware and an older specialized flip-phone from Thalès called Teorem:
Now, if his iPhone were compromised, its microphones could be activated to listen in on his conversations. The French cybersecurity authorities are competent and it's highly unlikely they haven't planned for this, specially when they know the US eavesdropped on Angela Merkel's phone and France would be a higher-priority target for the US government given its sometimes ornery relationship. Their threat model certainly includes far more capable nation-state actors and capabilities than the watered-down version Israel will allow to be sold to Morocco, Saudi Arabia or any other tinpot country willing to pay.
Yes, 37 out of 67 that they got their hands on. They clearly didn't have the other 50k phones on hand to test.
Amnesty has said been clear from the beginning that the numbers have been identified as being of interest but not necessarily hacked.
And they've been reaching out to individuals asking them for devices to analyze.