recommended reading

Threatwatch

NSO Group’s Spyware Found on iPhones of Mexican Government Critics

Cyber espionage

A spyware sold exclusively to governments to track criminals and terrorists was found on the smartphones of human-rights lawyers, anti-corruption activists and journalists critical of the Mexican government, according to The New York Times.

Pegasus software, made by the Israel-based NSO Group, effectively turns a target’s smartphone into a spy in his or her pocket. It can access texts, contacts, calendars and control the camera and mic. The New York Times reported NSO Group code was found on the phones of some of the Mexican government’s prominent critics and their family members, though it said “no ironclad proof” showed the government was behind it.

A government statement “categorically denies” improper use of the spyware, though its agencies have bought $80 million worth of spyware since 2011.

Only governments can purchase the spyware, and by explicit agreement, can only use it to track criminals. But NSO Group can’t enforce that: Once the product is sold, the company doesn’t know how its tools are used or by whom, according to the Times.

Last year, a human rights activist in the United Arab Emirates turned over suspicious texts to a pair of security firms. They found Pegasus spyware on the device—its first discovery “in the wild”—and learned it exploited three iPhone zero days. They pointed to the UAE government as the likely party behind the attempted attack.

Apple quickly issued a patch for the flaws.

sector

Government (Foreign)

reported

June 19, 2017

reported by

The New York Times

number affected

Unknown

location of breach

Mexico

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown