Israeli spyware behind hacking of Mexican anti-government activists

Israeli spyware was behind an attempt to hack into the phones of Mexican anti-government campaigners whose family members were murdered in 2015, Canadian researchers have revealed.

The Pegasus surveillance software, which is only sold to governments, was found to have been trying to infect iPhones belonging to Mexican campaigners who say their friends and relatives were tortured and murdered by the Mexican government.

The targets were two Mexican lawyers and human rights campaigners representing the families of a journalist, a women’s rights activist and three other women who were killed in the Narvarte area of Mexico City. The journalist, Rubén Espinosa, is believed to have been tortured, having been found with severe facial injuries.

NSO Group, the Israeli company behind the spyware, was set up by three men, thought to be former elite Israeli soldiers involved in signals intelligence. The Herzliya-based company says it provides governments with technology “that helps them combat terror and crime,” but critics say its malware is actually used to target human rights activists and journalists.

Forensic digital analysts at Citizen Lab, an NGO based at the University of Toronto, and Lookout, a San Francisco-based company, say NSO Group software has previously targeted Mexican scientists and public health officials who support a ‘soda tax’ to reduce childhood obesity, as well as Mexican journalist Rafael Cabrera.

Among others to allege illegal surveillance were investigators who examined the mass killing in 2014 of 43 Mexican students, who had been on their way to commemorate the murder of fellow students by Mexican soldiers in 1968.

Typically, access is gained through an infectious link which, when clicked on, allows someone to ‘listen in’ on calls and messages. The result is known as a ‘jailbreak,’ and Pegasus has been described as “the world’s most invasive mobile spy kit”.

Along with Panama – an NSO Group client revealed only after hacked documents were released online – other states believed to be using the Israeli spyware include Turkey, Thailand, Qatar, Kenya, Uzbekistan, Mozambique, Morocco, Yemen, Hungary, Saudi Arabia, Nigeria and Bahrain.

The Mexican government signed its first contract with the firm, valued at $20 million, in 2012 but in June of this year said it was investigating use of the spyware, after an article in the New York Times. Campaigners have pointed out that the Mexican attorney-general’s office, charged with investigating, itself uses the software.