Amnesty International Staff Targeted with Spyware

Written by

Amnesty International found hackers attempting to infect one of its researcher's phones with a tool from Israel-based NSO Group, long known as makers of spyware, the NGO reported.

Amnesty International’s tech team launched an investigation after one of its staff members received a suspicious WhatsApp message in Arabic, which detailed information about a protest at Washington D.C.’s Saudi embassy. The message included a malicious link for further details. Because the NSO Group spyware is mainly sold to government agencies, Amnesty International believes that it was targeted by a hostile government that takes issue with its work.

“The potent state hacking tools manufactured by NSO Group allow for an extraordinarily invasive form of surveillance,” said Joshua Franco, Amnesty International’s head of technology and human rights. “A smartphone infected with Pegasus is essentially controlled by the attacker – it can relay phone calls, photos, messages and more directly to the operator. This chilling attack on Amnesty International highlights the grave risk posed to activists around the world by this kind of surveillance technology.”

Had the victim clicked, they would have installed the highly sophisticated Pegasus surveillance tool. “Pegasus (the NSO spyware) almost found itself in the wild after one of its workers decided to try and sell it on the dark web,” said Koby Kilimnik, security researcher at Imperva, “but there isn’t a good way to prevent such hacking tools from falling into the wrong hands.”

NSO Group reportedly told Amnesty International that its spyware is intended to be used as an investigative tool to prevent crime and terrorism and that any other use is a violation of its acceptable use policy. “While malware from firms such as the NSO Group can, and apparently has, been used to spy on human rights activists and others, the code itself is unbiased and has no agenda,” said Lee Munson, security researcher at Comparitech.

“For that reason and given the fact that its intended target was supposedly terrorists, it is very hard indeed to legislate against it. Additionally, malware propagates so quickly and in so many unusual ways that it is hard to block it completely," Munson continued.

“Whether or not governments should be dabbling in such surveillance code is an interesting question and the answer is not easy to come by – balancing privacy against security is a problem politicians will be fighting over for decades to come.”

What’s hot on Infosecurity Magazine?