Amnesty International says one of its employees was targeted with Israeli-made surveillance software as part of a deliberate attempt to spy on the human rights group by a “government hostile to its work”.
In a 20-page report released on Wednesday, Amnesty said one of its staff members was baited with a suspicious WhatsApp message in early June about a protest in front of the Saudi Embassy in Washington.
The Arabic message read: “Can you please cover [the protest] for your brothers detained in Saudi Arabia in front of the Saudi embassy in Washington. My brother was detained in Ramadan and I am on a scholarship here so please do not link me to this. [LINK]. Cover the protest now it will start in less than an hour. We need your support please.”
The link, if clicked, would have installed “Pegasus”, a sophisticated surveillance tool developed by the Israel-based company NSO Group, which infects the user’s smartphone and steals all the phone’s information, including: every contact name and phone number, text message, email, Facebook message, everything from Skype, WhatsApp, Viber, WeChat and Telegram.
NSO Group is known to only sell its spyware to governments. We, therefore, believe that this was a deliberate attempt to infiltrate Amnesty International by a government hostile to our human rights work.
The London-based human rights organisation said it traced the malicious link to a network of sites tied to the NSO Group.
NSO said in a written statement that its product was “intended to be used exclusively for the investigation and prevention of crime and terrorism” and that allegations of wrongdoing would be investigated.
The company has previously admitted charging customers $650,000 to hack 10 devices, on top of a $500,000 installation fee.
‘Digital risk to activists’
Joshua Franco, Amnesty International’s head of technology and human rights, said the latest hacking attempt was emblematic of the increased digital risk activists faced.
“This chilling attack on Amnesty International highlights the grave risk posed to activists around the world.
“NSO Group is known to only sell its spyware to governments. We, therefore, believe that this was a deliberate attempt to infiltrate Amnesty International by a government hostile to our human rights work,” Franco said.
“We are working with human rights activists to help them protect themselves against similar cowardly attacks, and ensure that abusive governments cannot use technology to silence them.”
NSO has been implicated in a series of digital break-in attempts, including a campaign against journalists, human-rights activists and lawyers looking into murders and corruption in Mexico; and an effort to hack into an Arab dissident’s phone that prompted an update to Apple’s operating system.
In 2016, Toronto-based research group Citizen Lab reported that the United Arab Emirates employed Pegasus against award-winning human rights defender Ahmed Mansoor, one of the few openly critical voices in the UAE.
Mansoor received a text message reading: “New secrets about torture of Emiratis in state prisons,” which was accompanied by a suspicious link.
The human rights defender, who had already been the victim of government hackers, sent the message to Citizen Lab who subsequently called it “one of the most sophisticated pieces of cyberespionage software we’ve ever seen”.
Citizen Lab did not directly accuse UAE officials of being behind the attempted hack, but it said similar attacks on critics of the regime had been connected to the government.
Mansoor was arrested in March 2017 and held in solitary confinement for one year before being sentenced to 10 years in prison earlier this year.