Pegasus spyware was placed on the phone of journalist Jamal Khashoggi’s wife, Hanan Elatr, by United Arab Emirates (UAE) authorities months before he was murdered by Saudi agents in October 2018, according to a report by The Washington Post.
The revelation is part of an ongoing investigation orchestrated by the journalism nonprofit Forbidden Stories and Frontline into Pegasus spyware. This spyware has been sold to authoritarian governments by the NSO Group and has been used for monitoring journalists, politicians, and human rights activists alike.
NSO Group said it had no evidence that its spyware was used to target and track Elatr. However, a forensic analysis of her phone by Bill Marczak from the cybersecurity research group Citizen Lab found evidence that Pegasus was manually placed on Elatr’s phone while she was being held and questioned by UAE authorities in April 2018, according to reports.
The news was relayed to Elatr by Marczak and Washington Post journalist Dana Priest in early December. This meeting was filmed by Frontline and Forbidden Stories as part of an upcoming documentary on the topic.
Push for Sanctions
On Dec. 14, a group of US lawmakers sent a letter urging the Treasury and State Department to sanction NSO Group, along with three other foreign surveillance companies for helping authoritarian governments commit human rights abuses.
The lawmakers called for Global Magnitsky sanctions, which punish individuals and organizations accused of enabling human rights abuses by freezing bank accounts and banning travel to the United States.
This letter came on the heels of tech giant Apple notifying several US Embassy and State Department employees and Ugandan politicians that their phones may have been hacked by an unknown threat actor using Pegasus spyware.
There were up to 11 US Embassy officials in total working in Uganda who were targeted using iPhones registered to their overseas phone numbers, according to reports. However, it was unclear who hacked the officials’ phones or what information was stolen.
Apple Lawsuit
Along with Meta, Apple had decided to sue NSO Group for illegally hacking its users by exploiting previously unknown security flaws in both iOS and WhatsApp, according to a Nov. 23 press release by Apple. Apple also said that it began sending threat alert notifications to users it believes have been targeted by threat actors on that date.
“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability,” Apple’s software engineering chief Craig Federighi said in the press release. “That needs to change.”