top of page

Malware used to infect phones of activists, journalists and human rights defenders in 45 countries

Supported by Amnesty International and the Citizen Lab, analysis reveals relations and patterns between separate incidents in the physical and digital sphere, demonstrating how infections are entangled with real-world violence and extend within the professional and personal networks of civil society actors worldwide.


Malware used to infect phones of activists, journalists and human rights defenders in 45 countries
Image Source: Forensic Architecture

NSO Group Technologies Ltd. was founded in Israel in 2010 by Niv Carmi, Shalev Hulio and Omri Lavie. Part of an ecosystem of Israeli cyber-weapons companies—developed in the context of its ongoing occupation and settler-colonial surveillance of Palestinians—NSO’s Pegasus malware has reportedly been used since at least 2015 in at least 45 countries worldwide to infect the phones of activists, journalists and human rights defenders.


Forensic Architecture’s interest in the NSO Group dates back to 2017 when reporting by The Citizen Lab revealed that members of Centro Prodh, the collaborators in investigating the disappearance of 43 students from Ayotzinapa, Mexico, had been hacked using Pegasus.


The investigation into NSO Group began two years later when Forensic Architecture learnt that the close associates, members of the legal team leading a suit against NSO on behalf of a number of human rights defenders, were informed by WhatsApp in 2019 that their phones had also been infected.


While reporting on this issue incrementally exposed new cases of infection, undertook this project in order to provide the public, researchers and the legal team with a general tool to explore relations among different types of NSO-related activities worldwide.


NSO has yet to confirm a single state or corporate client and continues to receive security export licences from Israel’s Ministry of Defence for the sale of Pegasus—despite being challenged in Israeli and international courts.


The investigation consists of:

  1. A navigable digital platform,

  2. Video investigations to tell the stories of human rights defenders from around the world reportedly targeted by Pegasus, and

  3. An interactive diagram and a video presenting new research into the web of corporate affiliations within which the NSO Group is nested.


With this, Forensic Architecture has for the first time mapped the global landscape of NSO-related activities to demonstrate new connections and patterns between ‘digital violence’ using Pegasus and real-world violence directed at lawyers, activists, and other civil society figures.

 

The platform

The data for the project is based on fifteen months of open-source research that extracted data from hundreds of pages of documents as well as interviews. The Platform offers the most comprehensive database to date (containing over a thousand data points) of the reported infections of the phones using Pegasus.


Forensic Architecture developed bespoke open-source software to present this data as an interactive 3D platform, which will be updated as the investigation continues.

 

Key finds

The infections enabled by NSO’s Pegasus malware that have thus far been publicly exposed likely form only a part of a more expansive deployment against civil society actors across the world. However, the data collected does already suggests possible patterns in the ways that digital targeting using Pegasus operates:

  1. Digital infections do not target civil society actors as individuals, but rather as networks of collaboration. Our platform shows that in Mexico, Saudi Arabia and India digital targeting (blue dots) starts with one person before their professional networks are targeted within a similar time period. In each of these examples, the use of Pegasus occurs after or during periods where these civil society networks expose or confront controversial or criminal state policy.

  2. Digital infections of civil society groups occur alongside other forms of violence experienced in the physical world. Cyber-surveillance is consistently entangled with a spectrum of physical violations, including break-ins, intimidation, assaults, arrests, lawsuits and smear campaigns, and murder, in the case of prominent Saudi journalist Jamal Khashoggi, whose friends and colleagues were targeted by Pegasus.

  3. Digital targeting extends the reach of state power to include human rights dissenters in exile, while also physically targeting their colleagues and families in their home country.

 

Methodology


Data mining

Data-mined dozens of human rights reports—including Citizen Lab and Amnesty International’s exposure of NSO-related hacks, legal documents, hundreds of news reports from newspapers around the world including the Washington Post, Aristegui Noticias, Vice, The Hindu, The New York Times, Forensic News, The Guardian, Haaretz, Aljazeera amongst others, and more than a dozen interviews conducted with investigators and dissenters, activists, journalists and public figures targeted using Pegasus.


Each data entry point was categorised by the individuals targeted or the organizations they work with, plotted by its time, or time range, according to the documented fields from which Pegasus operates —including Mexico, the United Arab Emirates, Saudi Arabia, Morocco, Rwanda, India, Spain and Togo.


Data Points were classified as either digital, physical or contextual events. Each of these categories was further refined and sub-categorised:

  • Digital events include suspected and successful Pegasus infections as reported by the Citizen Lab or Amnesty International in the form of either zero-click or one-click exploits, and were subclassified as such.

  • Physical events encompass all incidents of violations in the physical world and are organized along with murder (fatal violence or assassination), assault (instances of physical violence), intimidation (violence aimed at causing fear, emotional and psychological distress) and Black Cube (which refers to intimidation specifically enacted by agents of the private Israeli intelligence company, Black Cube).

  • Contextual events are subdivided into: corporate transformations and financial transactions that relate to NSO Group and its affiliates; exposures of NSO related operations (in the form of news articles, civil society reports, petitions and lawsuits); and global, regional or local events surrounding NSO-related digital infections or physical violence, including political or criminal events investigated by the people targeted.


Read more and check the video source: Forensic Architecture

Read more from the below TAGS


People also reading-

13 views0 comments

コメント


Planner 5D- Interior design app

Planner 5D- Interior design app

Flipkart Online Shopping App

Flipkart Online Shopping App

World population to reach 8 billion this year, as the growth rate slows

July 12, 2022 at 6:57:56 AM

15 November 2022 is predicted to be the day that the global population reaches eight billion. The projection is revealed in the UN’s World Population Prospects 2022 report, which also shows that India is on course to surpass China as the world’s most populous country in 2023.

World population to reach 8 billion this year, as the growth rate slows

WHO: Nearly one billion people have a mental disorder

June 22, 2022 at 7:20:50 AM

Nearly one billion people worldwide suffer from some form of mental disorder, according to the latest UN data – a staggering figure that is even more worrying if you consider that it includes around one in seven teenagers.

WHO: Nearly one billion people have a mental disorder

What can the UN do? Check the top 5 questions answered

April 6, 2022 at 10:51:48 AM

The current war in Ukraine, following the Russian invasion, has sparked all sorts of questions about the United Nations, particularly the role of the Security Council, the General Assembly and the Secretary-General.

What can the UN do? Check the top 5 questions answered

Ukraine: UN’s Guterres joins call for Bucha war crimes probe

April 6, 2022 at 8:22:29 AM

UN chief António Guterres on Tuesday added his voice to the growing international calls for a war crimes investigation into the killing of civilians in the Ukrainian town of Bucha.

Ukraine: UN’s Guterres joins call for Bucha war crimes probe

Recent terrorist attacks in Israel undermine ‘prospects for peace’: Guterres

March 31, 2022 at 8:29:57 AM

Secretary-General António Guterres on Tuesday night condemned recent terrorist attacks in Israel that have claimed the lives of at least 11 Israeli citizens.

Recent terrorist attacks in Israel undermine ‘prospects for peace’: Guterres

China's BYD ceases to produce gasoline-powered vehicles

4/4/22, 7:00 AM

Chinese auto manufacturer BYD announced Sunday that it has already ceased the production of traditional gasoline-powered vehicles starting from March.

China's BYD ceases to produce gasoline-powered vehicles

Performance-oriented all-new ŠKODA SLAVIA 1.5 TSI Launched creates a segment of its own

3/27/22, 10:42 AM

All new ŠKODA SLAVIA 1.5 TSI starts at ₹ 16.19 lacs

Performance-oriented all-new ŠKODA SLAVIA 1.5 TSI Launched creates a segment of its own

CARS24 Raises $450 Million, Nearly Doubles Its Valuation To $1.84 Billion

9/25/21, 6:16 AM

CARS24, India’s leading e-commerce platform for pre-owned vehicles, announced today the closing of a $450M round of funding including a $340M Series F equity round alongside $110M debt from diversified financial institutions.

CARS24 Raises $450 Million, Nearly Doubles Its Valuation To $1.84 Billion

Tata Motors launches the ‘XPRES’ brand for fleet customers

7/18/21, 6:13 PM

Tata Motors, one of India’s leading automobile manufacturers, today announced the launch of a new brand ‘XPRES,’ exclusively for fleet customers.

Tata Motors launches the ‘XPRES’ brand for fleet customers

Audi India announces curated ownership plans for Audi e-tron and Audi e-tron Sportback customers

7/18/21, 5:56 PM

Special Service Plans, Extended Warranty and Buyback for a hassle-free ownership experience

Audi India announces curated ownership plans for Audi e-tron and Audi e-tron Sportback customers

TikTok hits 1 billion global active users

9/28/21, 8:56 AM

TikTok mission is to inspire creativity and bring joy.

TikTok hits 1 billion global active users

FACT CHECK: Crypto is increasingly being used for criminal activity and is a haven for illicit finance

6/23/21, 6:11 AM

Because cryptocurrency is still new, we are often asked about the biggest myths surrounding it. It’s common for a new market or product to confuse people until they get familiar with it. Think about Airbnb: the idea of staying in a stranger’s home seemed crazy until it didn’t.

FACT CHECK: Crypto is increasingly being used for criminal activity and is a haven for illicit finance

PUBG: NEW STATE surpasses 17 Million Google play store PRE-REGISTRATIONS following its recent ALPHA TEST

6/19/21, 4:40 AM

KRAFTON, Inc. to open pre-registration for the game on Apple’s App Store in Q3 2021

PUBG: NEW STATE surpasses 17 Million Google play store PRE-REGISTRATIONS following its recent ALPHA TEST
bottom of page