Phones of Palestinian NGO workers infected with Pegasus spyware, rights groups say

Following a recent high-profile arrest of an Israeli soldier, security researchers say activists with the Israeli human rights organisation Yesh Din are being targeted

Phones of Palestinian NGO workers infected with Pegasus spyware, rights groups say

Technology used by the Israeli military to embed surveillance cameras in Palestinian communities is being used against Palestinian activists, according to cybersecurity researchers.

Pegasus, a sophisticated covert surveillance program dubbed by its creators “the world’s most advanced automated remotely operated targeting system”, is widely used by both Israeli and Palestinian forces in the occupied territories.

Last week the Israeli military arrested a soldier who was suspected of writing code for a Pegasus network – an act that campaigners say could amount to treason.

Security researchers at Security Investigation Research (SIR), a Farsi-language service owned by Israeli firm Netiper Wise, say they traced spyware used by Yesh Din – a human rights organisation that monitors internal Israeli police operations in Palestinian communities – to Tel Aviv.

SIR researchers found that Yesh Din’s smartphones and computers had been infected with Trojan viruses, spyware that allows the sophisticated surveillance software to follow the movements of their targets.

It’s not an exaggeration to say we’re living under the Great Satan | Robert Muggah Read more

“It’s unusual to find military-grade spyware on a Palestinian NGO. We found that Yesh Din phones and computers were infected with an adware package, Pegasus, that appears to be used by Israeli military forces against Palestinians,” Netiper Wise’s employee Homa Illan told the Guardian.

“Our surveillance research showed that Yesh Din devices have been infected with spyware. The suspect who was arrested is suspected of writing code for a Pegasus system and is banned from using it [in Israel].”

Homa Illan, a co-founder of Israeli security firm Netiper Wise, says Yesh Din’s PCs and smartphones have been infected with spyware. Photograph: Stefan Griebel/Getty Images

Netiper Wise describes Pegasus as “the state’s leading platform for recruiting and deploying electronic spies”. It has not been tested or shown to be comparable to the spyware used by its enemies in the Hamas-run Gaza strip.

Migal Zeitoun, director of communications at Yesh Din, said the organisation was not aware of the claims. “Our employees do not use email, so there is no way anyone on the ground knows if their communication was compromised,” she said.

The software is designed to allow malicious software, such as spyware, to be “launched, loaded, run and removed with a few clicks of a button”. It can be used to conduct covert reconnaissance, gather location information, collect audio and video recordings, and access private web browsing data.

It is capable of making a phone detonate and recording a phone conversation, as well as extracting call logs and text messages. The free software can be taken remotely by an online user for 30 days, and can transmit audio over 3G, up to 24 hours a day, and text messages to up to 20 recipients at once.

Last month, dozens of users of the controversial “fake news” platform Breitbart claimed their devices had been infected with Pegasus. An investigation by the BBC’s Panorama found the same app had been downloaded 1.5m times from the Google Play store.

Panorama found that its team had used Apple’s iPhone, iPad and Watch to access the app. The technology giant has updated its policies to prevent the transfer of large amounts of user data to Apple iCloud.

Panorama discovered that versions of the app designed for devices running Microsoft’s Windows operating system were being advertised by online resellers as an alternative to the more recent software.

Leave a Comment