Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Report finds NSO Group's spyware used on Bahraini activists

Nine activists from Bahrain had their iPhones hacked by advanced spyware made by the Israeli company NSO Group, the world’s most infamous hacker-for-hire firm, a cybersecurity watchdog reported on Tuesday

Via AP news wire
Tuesday 24 August 2021 11:23 BST

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Nine activists from Bahrain had their iPhones hacked by advanced spyware made by the Israeli company NSO Group the world's most infamous hacker-for-hire firm, a cybersecurity watchdog reported on Tuesday.

Citizen Lab at the University of Toronto said NSO Group’s Pegasus malware successfully hacked the phones between June 2020 and February 2021. Those reportedly hacked included members of the Bahrain Center for Human Rights and two political dissidents living in exile. At least one of the activists lived in London when the hacking occurred, Citizen Lab said.

Citizen Lab said it has “high confidence” that at least four of the activists were hacked by the Bahraini government, which has a history of using commercially available spyware.

One of the activists targeted is Moosa Mohammed, who said he was previously a victim of spyware in 2012.

“When I fled torture and persecution in Bahrain, I thought I would find safety in London but have continued to face surveillance and physical attacks by Gulf regimes,” he said.

The government of Bahrain, a tiny island kingdom off the coast of Saudi Arabia that’s home to the U.S. Navy’s 5th Fleet, has a long history of suppressing dissent. Bahrain’s National Communication Centre dismissed Citizen Lab’s findings as “misguided” and said in a statement the country is committed to safeguarding individual rights and freedoms.

NSO Group said in a statement that it had not yet seen the report, but questioned Citizen Lab's methods and motives. “If NSO receives reliable information related to the misuse of the system, the company will vigorously investigate the claims and act accordingly,” the company said.

Citizen Lab found that in some instances the malware infected targeted iPhones without the users taking any action — what’s known as a zero-click vulnerability.

Bill Marczak of Citizen Lab said the exploits worked against a recent versions of the iPhone's operating system, adding that there's ”no indication that the bugs exploited have been fixed."

Ivan Krstic, head of Apple Security Engineering and Architecture, said such attacks are costly and often have a short shelf life. “They are not a threat to the overwhelming majority of our users," he said in a statement, adding that Apple constantly adds new protections for its devices and data.

The new report is the latest unwelcome news for NSO Group. The firm was the focus of recent reports by a media consortium that found the company’s spyware tool Pegasus was used in in several instances of successful or attempted phone hacks of business executives, human rights activists and others around the world.

Those investigations, based on leaked data obtained by the Paris-based journalism nonprofit Forbidden Stories and the human rights group Amnesty International, sparked widespread condemnation of the company.

Last month around 1,000 protesters in Hungary’s capital demanded answers to allegations that the country’s right-wing government used Pegasus to secretly monitor critical journalists, lawyers and business figures. India’s parliament also erupted in protests as opposition lawmakers accused Prime Minister Narendra Modi’s government of using NSO Groups’ product to spy on opponents and others.

France is also trying to get to the bottom of allegations that President Emmanuel Macron and members of his government may have been targeted in 2019 by an unidentified Moroccan security service using Pegasus. Morocco, a key French ally, denied those reports and is taking legal action to counter allegations implicating the North African kingdom in the spyware scandal.

Facebook is currently suing NSO Group in U.S. federal court for allegedly targeting some 1,400 users of its encrypted messaging service WhatsApp with highly sophisticated spyware. That includes users in Bahrain, Facebook said.

Human rights experts working with the United Nations recently called on countries to pause the sale and transfer of spyware and other surveillance technology until they set rules governing its use, with the aim of ensuring that it won’t impinge upon human rights.

This article was amended on 25 August 2021 to add comments from the Bahraini government.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in