Senior officers in the European Union were allegedly targeted by NSO Group’s infamous Pegasus surveillance device, according to a new report from Reuters.
At least five people, including Didier Reynders (European Justice Commissioner), are believed to have been targeted, according to the news agency, which cited documents and unnamed E.U. officials. officials. However, it’s not clear who used the commercial spyware against them or what information was obtained following the attacks.
NSO Group said in a statement shared with Reuters that it was not responsible for the hacking attempts, adding that the targeting “could not have happened with NSO’s tools. “
The targeting is said to have come to light after Apple notified the victims of state-sponsored attacks last November as part of its efforts to stop the Israeli surveillance firm from targeting its customers.
That same month, the iPhone maker filed a lawsuit against NSO Group, seeking a court-issued injunction aimed at banning the company from using its products and services to develop and launch spyware attacks.
Apple called NSO Group as “notorious hackers — amoral 21st century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse. “
Pegasus, typically deployed through sophisticated “zero-click” exploits like FORCEDENTRY, grants its government and law enforcement customers complete access to a target’s device, including their personal data, photos, messages, and precise location.
The widespread abuse of Pegasus to systematically spy on civil society in recent years has led the U.S. government to add NSO Group to its trade blocklist, in turn prompting Israel to restrict the number of countries to which local security firms can sell offensive hacking and surveillance tools.
In February 2022, the European Data Protection Supervisor called for a ban on the development and the use of Pegasus-like commercial spyware in the region, pointing out the technology’s “unprecedented level of intrusiveness” that could endanger users’ right to privacy.
But despite attempts to regulate the use of spyware, a forensic investigation released by Front Line Defenders last week found that the iPhone belonging to Suhair Jaradat, a Jordanian journalist and human rights defender, was hacked with Pegasus via a malicious WhatsApp message in December 2021, weeks after Apple initiated legal proceedings.
“The fact that the targeting we uncovered happened after the widespread publicity around Apple’s lawsuit and notifications to victims is especially remarkable,” the report said.
” A firm that really respected these concerns would at least have stopped operations for government clients like Jordan that have a well-publicized record of human rights violations and have passed emergency powers that give authorities wide latitude to violate civil liberties. “