The Pegasus Project – What the Investigation Has Revealed So Far

In 2020, a list of over 50,000 phone numbers was leaked to Amnesty International and Forbidden Stories, a nonprofit media organization based in Paris, France. The numbers are believed to belong to individuals identified as “people of interest” by clients of the Israeli cyber defense firm NSO Group. The leak set off a worldwide investigative journalism initiative – the Pegasus Project.  

Who is behind NSO Group?

NSO Group was founded in 2010 by Niv Carmi, Omri Lavie, and Shalev Hulio and is based in Herzliya, Israel. The firm is a subsidiary of the Q Cyber Technologies group of companies.

According to NSO’s website, it develops “best-in-class technology” to help government agencies detect and prevent terrorism and crime. It claims its products are used “exclusively by government intelligence and law enforcement agencies to fight crime and terror.” NSO Group also sells Eclipse – a cyber counter-drone platform.

What is Pegasus?

Pegasus is commercial spyware sold by NSO Group to governments and reportedly costs millions to purchase. The earliest versions were spotted back in 2016. Unlike any run-of-the-mill malware, Pegasus is designed solely for spying.

Once on a smartphone (Android or iOS), the software gains access to photos, emails, text messages, WhatsApp messages, incoming and outgoing calls, and past/present location data. It can also activate the phone’s camera or microphone and record conversations. What’s more, Pegasus monitors the keystrokes on an infected device – all written communications and web searches, even passwords – and returns them to the client.

NSO Group says that governments of more than 40 countries are on its client list. It also explicitly states that Pegasus “cannot be used to conduct cyber-surveillance within the United States, and no foreign customer has ever been granted technology that would enable them to access phones with US numbers.”

Our research could not identify which countries were among the clients or whether any of them are on the U.S. sanctions list.

The Pegasus Project

In 2020, Forbidden Stories and Amnesty International gained access to a set of more than 50,000 phone numbers believed to be targets of NSO Group’s software. Forbidden Stories then invited OCCRP, The Washington Post, The Guardian, and 13 other media partners to participate.

The investigation identified hundreds of individuals whose phones have had the Pegasus spyware at some point. The list did not include identifying information, but reporters were able to independently name the owners of more than 1,000 numbers through forensic analysis, additional databases, internal documents, interviews, court documents, and other sources.

Once the investigation results were made public, media outlets, human rights watchdogs, and politicians across the world started paying attention. Associated Press reported that Mexico spent $61 million on Pegasus spyware. The Washington Post reported on 11 Indian citizens who have been spied upon using Pegasus. The Post also said that people close to the murdered Saudi columnist Jamal Khashoggi were targeted.

French President Emmanuel Macron was forced to change his phone after being identified as a spying victim. Macron called an extraordinary national security meeting since France is one of the permanent members of the UN Security Council. European Commission President Ursula von der Leyen said Pegasus spying reports were “completely unacceptable.” According to CNBC, several African governments were also embroiled in the Pegasus spyware saga, which could prompt further diplomatic repercussions. And while Israel has appointed a team of ministers to deal with the fallout, Morocco and Hungary deny using Pegasus.

Meanwhile, in the U.S., the White House raised spyware concerns with Israel. President Joe Biden’s top Middle East adviser Brett McGurk met with Zohar Palti, a senior Israeli Ministry of Defense official, on July 22 and asked him what the Israeli government was doing about the NSO issue.

The full extent of the impact of the Pegasus Project investigation will be seen in time, but the first legal action is already in motion – the Gulf Centre for Human Rights and Reporters Without Borders have filed cases with the French Public Prosecutor.

In the meantime, public investors in the private equity firm that owns a majority stake in NSO Group are abandoning ship. According to The Guardian, Novalpina Capital is in talks to transfer management of that fund to Berkeley Research Group, a U.S. consulting firm.

The full list of people identified as victims of the Pegasus spyware so far is available on the OCCPR website.

About Kreller Group

The Kreller Companies were founded in 1988 by a former D&B national account manager who envisioned a straight forward and cost-effective way to conduct business investigations and share results with clients. Today the Kreller Companies are comprised of Kreller Group, Kreller Credit and Kreller Consulting.

Want to discuss how our expertise can help? Click here.

Facebook
Twitter
LinkedIn