Al Jazeera Journalists Hacked Using Infamous Israeli Pegasus Spyware


Al Jazeera Journalists Hacked Using Infamous Israeli Pegasus Spyware

TEHRAN (Tasnim) – Dozens of journalists at Al Jazeera Media Network were targeted by advanced spyware sold by an Israeli firm in an attack linked to the governments of Saudi Arabia and the United Arab Emirates, a cybersecurity watchdog said.

The personal phones of some 36 Al Jazeera journalists have been hacked by “government operatives” who used a controversial spying tool by Israel’s infamous NSO Group to snoop on them, a report by a Canadian research lab claims.

The report, released on Sunday by Citizen Lab, a research unit at the University of Toronto specializing in cybersecurity, alleged that the phones belonging to the employees of the Qatar-based media network, including journalists, producers, anchors, and executives, had been compromised and hacked with “an invisible zero-click exploit in IMessage” in July and August this year.

The exploit allowed the perpetrators of the attack, which Citizen Lab, “with a medium degree of confidence,” blamed on “government operatives” from Saudi Arabia and the United Arab Emirates, to infect the phones with spyware without the journalists having to click on malicious links themselves.

In its report, Citizen Lab said that the clandestine techniques employed in the attack “were sophisticated” and therefore “difficult to detect,” since the “targets” were often unaware of anything suspicious going on.

The hack might have remained undetected this time as well, were it not for the network’s Arabic language channel reporter Tamer Almisshal, who sounded the alarm that his phone might have been spied-on and let the researchers monitor his online traffic starting from January 2020. Several months after, in July, the researchers saw his personal phone visiting a website where it got infected with NSO’s group Pegasus spyware without Almisshal’s ever clicking on the link.

The discovery has prompted a wide-ranging search for possible other victims among Al Jazeera staff, eventually leading to Citizen Lab and the channel’s IT unit identifying a total of 36 personal phones that had been successfully targeted by the “four NSO group operators.” One of them, who the group nicknamed “Monarchy,” allegedly tapped into 18 phones, while another one - dubbed “Sneaky Kestrel” - spied on 15 phones.

The group said that it believes “Monarchy” was acting on the marching orders from Riyadh, since it “appears to target individuals primarily inside Saudi Arabia,” while “Sneaky Kestrel” focused on those journalists who were “primarily inside UAE.”

The researchers said that the security loophole that facilitated the hack was closed with the IOS 14 update released in September, but noted that, until then, it had likely been taken advantage of on a large scale.

Apple, for its part, appeared to throw weight behind Citizen Lab’s allegations of a state-sanctioned hack, saying that the reported attack “was highly targeted by nation states,” but noted that it could verify the findings of the report.

It’s not the first time the producer of Pegasus spyware kit finds itself in the spotlight in connection with allegations that its tech was used against reporters. Amnesty International reported in June this year that an award-winning Morocco-based journalist Omar Radi fell victim to the same spyware in an attack strikingly similar to the one described by Citizen Lab.

Last year, WhatsApp confirmed that dozens of Indian lawyers, journalists, and rights activists were among 1,400 users affected by the snooping software.

Despite the perpetual controversy surrounding the NSO group, an Israeli court in July sided with the firm and the Israeli Ministry of Defense in a case brought by Amnesty International, which demanded a ban on international sales of the software.

Most Visited in World
Top World stories
Top Stories