Macron among 14 heads of states on potential spyware list
Amnesty International says French President Emmanuel Macron leads a list of 14 current or former heads of state potentially targeted for hacking by clients of the notorious Israeli spyware firm NSO Group
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the notorious Israeli spyware firm NSO Group Amnesty International said Tuesday.
“The unprecedented revelation ... should send a chill down the spine of world leaders," Amnesty's secretary general, Agnes Callamard, said in a statement.
Among potential targets found on a list of 50,000 phone numbers leaked to Amnesty and the Paris-based journalism nonprofit Forbidden Stories include Presidents Imran Khan of Pakistan, Cyril Ramaphosa of South Africa and Barham Salih of Iraq. Three current prime ministers and the king of Morocco, Mohammed VI, are also on the list, The Washington Post reported.
The Post said none of the heads of state would offer their smartphones for forensic testing that might have detected whether they were infected by NSO's military-grade Pegasus spyware. Thirty-seven phones identified in the investigation were either breached or shows signs of attempted infection, it has reported.
The Post and 16 other members of a global media consortium were granted access to the leaked list. Another member, the French daily Le Monde, determined that 15 members of the French government may have been among potential targets with Macron in 2019.
Following first reports by consortium members on Sunday, the Paris prosecutor’s office said it was investigating the suspected widespread use of NSO's military-grade Pegasus spyware to target journalists, human rights activists and politicians in multiple countries.
Also Sunday, Amnesty released a forensic analysis of the alleged targeting that showed Amazon Web Services was hosting NSO infrastructure. In response, Amazon said it shut down NSO accounts that were “confirmed to be supporting the reported hacking activity.” Amazon said the accounts had violated its terms of use.
Another U.S. company identified by Amnesty as hosting NSO servers was DigitalOcean. When contacted by The Associated Press, DigitalOcean neither confirmed nor denied whether it had identified or cut off such servers.
"All of the infrastructure outlined in the Amnesty report is no longer on DigitalOcean," it said Tuesday, without elaborating, in an emailed statement.
The consortium's findings significantly widen the scope of alleged abuses in which NSO Group has been implicated since 2016. Those include the surveillance of friends and relatives of journalist Jamal Khashoggi, who was killed inside the Saudi consulate in Istanbul in 2018 — and highlight what critics call the urgent need to regulate global sales of commercial hacking tools.
Le Monde said the phone numbers for Macron and the then-government members were among thousands allegedly selected by NSO clients for potential surveillance. In this case, the client was an unidentified Moroccan security service, according to Le Monde.
Consortium members said they were able to link more than 1,000 numbers in 50 countries on the list with individuals, including more than 600 politicians and government officials and 189 journalists. The largest share were in Mexico and the Middle East, where Saudi Arabia is reported to be among NSO clients.
Also on the list were phone numbers in Azerbaijan, Kazakhstan, Pakistan, Morocco and Rwanda, as well as ones for several Arab royal family members, the consortium reported.
An official in Macron's office said authorities would investigate Le Monde's report, and if the targeting is proven, it would be “extremely grave.”
Le Monde quoted NSO as saying the French president was never targeted by its clients.
NSO Group has denied that it ever maintained “a list of potential, past or existing targets.” It called the Forbidden Stories report “full of wrong assumptions and uncorroborated theories.”
The source of the leak — and how it was authenticated — has not been disclosed. While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it was confident the data indicated potential targets of NSO’s government clients.
The Paris prosecutor’s office said in a statement Tuesday that it opened an investigation into a raft of potential charges, including violation of privacy, illegal use of data and illegally selling spyware.
As is common under French law, the investigation doesn’t name a suspected perpetrator but is aimed at determining who might eventually be sent to trial. It was prompted by a legal complaint by two journalists and French investigative website Mediapart.
Multiple lawsuits by alleged victims have been filed against NSO Group including by Facebook over the Israeli firm's alleged hacking of its WhatsApp application.
___
Angela Charlton in Paris and Alan Suderman in Richmond, Virginia, contributed reporting.