Pegasus Spyware Targeted UK Prime Minister, Say Researchers

Written by

A notorious spyware variant linked to multiple state-backed campaigns was used to target the UK Prime Minister’s Office over the past two years, researchers have revealed.

Over recent years, Canadian non-profit Citizen Lab has been heavily involved in tracking the use of the Pegasus spyware produced by Israel’s NSO Group.

The firm is being sued by both WhatsApp and Apple after customers of the tech giants were targeted by the covert malware. It was also used to compromise the iPhones of nine US State Department officials, it emerged late last year.

The US has since placed NSO Group and fellow Israeli spyware-maker Candiru on a trade backlist after claiming the governments it sold to used the tools to “maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”

Yesterday Citizen Lab revealed that it was also forced to notify the UK government in 2020 and 2021 after spotting “multiple suspected instances of Pegasus spyware infections within official UK networks.”

The United Arab Emirates (UAE) is suspected of attempting to spy on officials working in the UK Prime Minister’s Office, 10 Downing Street. Citizen Lab also claimed that employees at the Foreign Commonwealth and Development office (FCDO) were targeted over the period, with Pegasus used by the UAE, India, Cyprus and Jordan.

“Because the UK Foreign and Commonwealth Office and its successor office, the Foreign Commonwealth and Development office (FCDO), have personnel in many countries, the suspected FCO infections we observed could have related to FCO devices located abroad and using foreign SIM cards, similar to the hacking of foreign phone numbers used by US State Department employees in Uganda in 2021,” explained Citizen Lab director, Ron Deibert.

“Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK government was aware of the ongoing spyware threat, and took appropriate action to mitigate it.”

NSO Group has always maintained that its products are only sold for legitimate law enforcement and intelligence operations.

“The information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons,” it argued in a statement sent to the BBC.

“NSO continues to be targeted by a number of politically motivated advocacy organizations, like Citizens Labs and Amnesty, to produce inaccurate and unsubstantiated reports based on vague and incomplete information.”

What’s hot on Infosecurity Magazine?