On Monday, December 21, Monday, the Citizen’s Lab of Toronto University in Canada claimed that the UAE and Saudi Arabia have used the Israel-made Pegasus malware to hack the personal phones of at least 36 journalists, producers and anchors working with Qatar-based Al-Jazeera in July. This was weeks before the UAE announced a “normalization deal” with Israel. The Pegasus spyware is made by the Israel-based NSO group.
The hacking was allegedly part of an espionage campaign launched by these countries against Al-Jazeera, which is supported by the Qatari government. Both the UAE and Saudi Arabia have a running feud with Qatar since 2017 over the latter’s dissenting political positions and due to Al-Jazeera’s critical approach towards most of the regimes in the region. Saudi Arabia and the UAE allege that Qatar has links with the Muslim Brotherhood, Hamas and Iran. The rest of the Gulf Cooperation Council countries have blockaded Qatar and, as part of their 13-point demand to normalize relations with the country, had asked it to shut down Al-Jazeera in 2017.
🚨BIG @citizenlab report on an NSO Group hacking bonanza. In late 2019 and in July 2020, NSO Group clients appear to have used an invisible 0-click exploit in iMessage to break into the latest, up-to-date iPhones. Some of the first target were journalists https://t.co/EwaNHz1pEj
— Bill Marczak (@billmarczak) December 20, 2020
The Citizen Lab’s report also highlights the vulnerability of Apple’s iPhone to such spywares, against the company’s claims that it is safe against attacks. According to the Lab, the Israeli malware uses the “zero click” technology to infiltrate the iPhones.
According to Bill Marczak, one of the writers of the Citizen Lab report titled ‘The Great iPawn’, zero click technology means even if the user does not click the link with malicious code, the phone will be infected. The example of one journalist working with Al-Arabiya, Tamer Almissal, who has been reporting on alleged government corruption in the UAE and was targeted using the Pegasus malware, is used in the report to prove the way iPhones are hacked.
So how did the hackers get into Tamer's phone? The first stage appears to have involved an exploit transmitted through Apple's servers. Then, his phone connected to an "Installation server" to download the spyware, and finally sent his personal data back to the spyware operators pic.twitter.com/EeLcJohipC
— Bill Marczak (@billmarczak) December 20, 2020
Both Saudi Arabia and the UAE have previously been accused of using the Israeli spyware to target activists and journalists. Edward Snowden had claimed in 2018 that the NSO-made spyware had been used by the killers of Jamal Khashoggi to track him down.
The Pegasus spyware was in the news last year after Citizen’s Lab revealed that it was being used by various governments across the globe to spy on dissidents, human rights activists and journalists through the instant messaging platform WhatsApp. Those targeted included activists related to the Bhima Koregaon case in India, dissidents in Mexico, Rwanda, Spain and several other countries across the world.
WhatsApp has filed a lawsuit filed in the US against the NSO for misusing its platform. In July this year, an Israeli court refused to revoke the export license of the NSO group as per the petition filed by several human rights organizations, including by Amnesty International after it was revealed that their staff had been hacked using the spyware.
