Mexican Government Accused of Targeting Journos with Spyware

The Mexican government is likely behind a major targeted surveillance campaign using sophisticated exploits developed by a notorious Israeli company to spy on journalists, lawyers and even children, according to Citizen Lab.

The Canadian research center at the University of Toronto claimed that a previously reported “exploit framework” developed by the NSO Group has been uncovered via links in over 76 messages to various targets investigating government corruption and human rights abuses in the country.

That framework includes “The Trident” – a chain of iOS zero-day exploits – and Pegasus spyware both discovered last year when they were sent to activist Ahmed Mansoor in the UAE.

Although attribution back to the Mexican government is not possible, Citizen Lab said circumstantial evidence points to involvement.

For example: the SMS content is Mexico-specific; all targets were investigating government and powerful vested interests in the country; and multiple agencies are reportedly NSO Group customers.

Citizen Lab explained:

“The targets received SMS messages that included links to NSO exploits paired with troubling personal and sexual taunts, messages impersonating official communications by the Embassy of the United States in Mexico, fake AMBER Alerts, warnings of kidnappings, and other threats. The operation also included more mundane tactics, such as messages sending fake bills for phone services and sex-lines. Some targets only received a handful of texts, while others were barraged with dozens of messages over more than one and a half years. A majority of the infection attempts, however, took place during two periods: August 2015 and April-July 2016.”

In August 2015 one targeted journalist was questioning the government’s role in extrajudicial killings, while the President was exonerated from his part in the ‘Casa Blanca’ house buying scandal uncovered by another target.

During the second period a range of controversial stories apparently came to light including government involvement in human rights abuses, illegal killings, bribery and corruption, Citizen Lab claimed.

Its work was co-authored by rights groups R3D, SocialTic and Article 19.

What’s Hot on Infosecurity Magazine?