NSO’s Pegasus spyware has reportedly been used by governments to obtain private photos from the phones of female journalists and activists.
These photos were then posted online with the aim of attacking their reputation, in at least one case by falsely suggesting that a bikini photo was taken at the home of a journalist’s boss …
The extent to which NSO’s Pegasus spyware has been used by repressive governments came to light in a report by Amnesty International. Simply receiving a particular iMessage could be enough to infect an iPhone, with no user interaction required.
Apple did release a security fix in iOS 14.7.1, which is widely believed to be designed to block the particular attack vector used by NSO in the past, but the company is sure to be working on a replacement method.
Pegasus spyware used to steal compromising photos
NBC News reports.
Ghada Oueiss, a Lebanese broadcast journalist at Al-Jazeera, was eating dinner at home with her husband last June when she received a message from a colleague telling her to check Twitter. Oueiss opened up the account and was horrified: A private photo taken when she was wearing a bikini in a jacuzzi was being circulated by a network of accounts, accompanied by false claims that the photos were taken at her boss’s house.
Over the next few days she was barraged with thousands of tweets and direct messages attacking her credibility as a journalist, describing her as a prostitute or telling her she was ugly and old. Many of the messages came from accounts that appeared to support Saudi Crown Prince Mohammed bin Salman Al Saud, known as MBS, including some verified accounts belonging to government officials.
“I immediately knew that my phone had been hacked,” said Oueiss, who believes she was targeted in an effort to silence her critical reporting on the Saudi regime. “Those photos were not published anywhere. They were only on my phone.”
“I am used to being harassed online. But this was different,” she added. “It was as if someone had entered my home, my bedroom, my bathroom. I felt so unsafe and traumatized.”
Oueiss is one of several high-profile female journalists and activists who have allegedly been targeted and harassed by authoritarian regimes in the Middle East through hack-and-leak attacks using the Pegasus spyware, created by Israeli surveillance technology company NSO Group.
The piece points out that, even without false allegations, publication of what would be seen as innocent photos in the west can be damaging in Middle Eastern countries.
While these photos may seem tame by Western standards, they are considered scandalous in conservative societies like Saudi Arabia and were seemingly used to publicly shame these women and smear their reputations.
FTC: We use income earning auto affiliate links. More.