Journalists, lawyers and activists hacked with Pegasus spyware in Jordan, forensic probe finds
The Associated Press
Israeli-made Pegasus spyware was used in Jordan to hack the cellphones of at least 30 people, including journalists, lawyers, human rights and political activists, the digital rights group Access Now said Thursday.
The hacking with spyware made by Israel’s NSO Group occurred from 2019 until last September, Access Now said in its report. It did not accuse Jordan’s government of the hacking.
One of the targets was Human Rights Watch’s deputy director for the region, Adam Coogle, who said in an interview that it was difficult to imagine who other than Jordan’s government would be interested in hacking those who were targeted.
The Jordanian government had no immediate comment on Thursday’s report.
In a 2022 report detailing a much smaller group of Pegasus victims in Jordan, digital sleuths at the University of Toronto’s Citizen Lab identified two operators of the spyware it said may have been agents of the Jordanian government. A year earlier, Axios reported on negotiations between Jordan’s government and NSO Group.
“We believe this is just the tip of the iceberg when it comes to the use of Pegasus spyware in Jordan, and that the true number of victims is likely much higher,” Access Now said. Its Middle East and North Africa director, Marwa Fatafta, said at least 30 of 35 known targeted individuals were successfully hacked.
Citizen Lab confirmed all but five of the infections, with 21 victims asking to remain anonymous, citing the risk of reprisal. The rest were identified by Human Rights Watch, Amnesty International’s Security Lab, and the Organized Crime and Corruption Reporting Project.
NSO Group says it only sells to vetted intelligence and law enforcement agencies — and only for use against terrorists and serious criminals. But cybersecurity researchers who have tracked the spyware’s use in 45 countries have documented dozens of cases of politically motivated abuse of the spyware — from Mexico and Thailand to Poland and Saudi Arabia.
An NSO Group spokesperson said the company would not confirm or deny its clients’ identities. NSO Group says it vets customers and investigates any report its spyware has been abused.
The U.S. government was unpersuaded and blacklisted the NSO Group in November 2021, when iPhone maker Apple Inc. sued it, calling its employees “amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse.”