Pegasus: spyware on journalists' phones in Jordan

The Israeli company has been in the spotlight for failing to implement rigorous human rights safeguards before selling its cyber intelligence technology to government clients and law enforcement agencies to “prevent and investigate terrorism and serious crimes.”

The NSO Group, in its 2023 Transparency and Accountability Report, boasted a “significant decrease” in reports of product abuse during 2022 and 2023attributing the decline to its due diligence and review process.

“Cyber ​​intelligence technology enables government intelligence and law enforcement agencies to carry out their fundamental tasks to prevent violence and safeguard the public“, has made known the company, continuing “Importantly, it allows them to thwart the widespread deployment of end-to-end encryption applications by terrorists and criminals without engaging in mass surveillance or gaining backdoor access to all users' devices.”

The company further sought to “dispel falsehoods” about Pegasus, saying it is not a mass surveillance tool, which is licensed to legitimate and verified intelligence and law enforcement agencies and which cannot take control of a device or penetrate computer networks, desktop or laptop operating systems.

“It is technically impossible for Pegasus to add, alter, delete or otherwise manipulate data on target mobile devices or carry out any activity other than viewing and/or extracting certain data“, declared the NSO Group, however despite these phrases to reassure the public, Invasive spyware attacks against members of Jordanian civil society highlight ongoing patterns of abuse that run counter to the company's claims.

Access Now said victims' devices were infiltrated with both zero-click and one-click attacks using Apple iOS vulnerabilities such as FORCEDENTRYFINDMYPWN, PWNYOURHOME e BLASTPASS to overcome security barriers and deliver Pegasus through social engineering attacks.

The attacks were characterized by spreading malicious links to victims via WhatsApp and SMSand attackers posing as journalists to increase the campaign's likelihood of success.

The non-profit company also stated that Enabling Lockdown Mode on iPhones likely prevented some devices from being infected with spyware again; he also called on world governments, including that of Jordan, to stop the use of such tools and impose an embargo on their sale until adequate countermeasures are adopted.

“Surveillance technologies and cyber weapons such as NSO Group's Pegasus spy software they are used to target human rights defenders and journalists, intimidate them and dissuade them from their workinfiltrate their networks and gather intelligence for use against other targets“, said Access Now and finally added: “Targeted surveillance of people violates their rights to privacy, freedom of expression, association and peaceful assembly. It also creates an intimidating effect, forcing people to self-censor and stop their activism or journalistic work, for fear of retaliation.”

When a program passed off as legitimate is actually created illegally

NSO Group's Pegasus software has been presented as a legitimate cyber-intelligence tool intended for government agencies and law enforcement to prevent terrorism and serious crimes: however, Findings indicate that the software was illicitly used to surveil journalists, activists, human rights lawyers and members of civil society in Jordan.

The NSO Group has provided reassurances regarding its correct use and denied that Pegasus is a mass surveillance tool, given the evidence show that the software was employed in targeted attacks through deception and vulnerabilities in Apple iOS devices and this behavior goes against the company's claims and raises concerns about the misuse of surveillance technologies, violating the rights to privacy, freedom of expression and other fundamental freedoms of those affected.