50,000 phone numbers worldwide on list linked to Israeli spyware

Top Stories

A woman uses her iPhone in front of the building housing the Israeli NSO group Pegasus, in Herzliya, near Tel Aviv. — AFP
A woman uses her iPhone in front of the building housing the Israeli NSO group Pegasus, in Herzliya, near Tel Aviv. — AFP

Washington - Pegasus malware is capable of switching on a phone's camera or microphone and harvesting its data

By AFP

  • Follow us on
  • google-news
  • whatsapp
  • telegram

Published: Mon 19 Jul 2021, 6:10 PM

An Israeli firm accused of supplying spyware to governments has been linked to a list of tens of thousands of smartphone numbers, including those of activists, journalists, business executives and politicians around the world, according to reports.

The NSO Group and its Pegasus malware — capable of switching on a phone’s camera or microphone, and harvesting its data — have been in the headlines since 2016.


Sunday’s revelations — part of a collaborative investigation by The Washington Post, The Guardian, Le Monde and other media outlets — raise privacy concerns and reveal the far-reaching extent to which the private firm’s software could be misused.

The leak consists of more than 50,000 smartphone numbers believed to have been identified as connected to people of interest by NSO clients since 2016, the news organisations said, although it was unclear how many devices were actually targeted or surveilled.


NSO has denied any wrongdoing, labelling the allegations “false”.

On the list were 15,000 numbers in Mexico — among them reportedly a number linked to a murdered reporter — and 300 in India, including politicians and prominent journalists.

Last week, the Indian government — which in 2019 denied using the malware to spy on its citizens, following a lawsuit — reiterated that “allegations regarding government surveillance on specific people has no concrete basis or truth associated with it whatsoever”.

The Post said a forensic analysis of 37 of the smartphones on the list showed there had been “attempted and successful” hacks of the devices.

Among the numbers on the list are those of journalists for AFP, The Wall Street Journal, CNN, The New York Times, Al Jazeera, El Pais, the Associated Press, Le Monde, Bloomberg, The Economist, and Reuters, The Guardian said.

The use of the Pegasus software to hack the phones of Al Jazeera reporters and a Moroccan journalist has been reported previously by Citizen Lab, a research centre at the University of Toronto, and Amnesty International.

Forbidden Stories, a Paris-based journalism non-profit, and Amnesty originally shared the leak with the newspapers.

The Post said the numbers on the list were unattributed, but other media outlets participating in the project were able to identify more than 1,000 people in more than 50 countries.

Pegasus is a highly invasive tool that can switch on a target’s phone camera and microphone, as well as access data on the device, effectively turning a phone into a pocket spy. In some cases, it can be installed without the need to trick a user into initiating a download.

NSO issued a denial on Sunday that focused on the report by Forbidden Stories, calling it “full of wrong assumptions and uncorroborated theories,” and threatening a defamation lawsuit.

“We firmly deny the false allegations made in their report,” NSO said.

Roughly three dozen journalists at Qatar’s Al Jazeera network had their phones targeted by Pegasus malware, Citizen Lab reported in December, while Amnesty said in June the software was used by Moroccan authorities on the cellphone of Omar Radi, a journalist convicted over a social media post.

Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO Group is based in the Israeli hi-tech hub of Herzliya, near Tel Aviv.


More news from