„The Pegasus Project“
Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.
The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.
Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.
The leak contains a list of more than 50,000 phone numbers that, it is believed, have been identified as those of people of interest by clients of NSO since 2016.
Die internationale Zusammenarbeit für diese Recherche ist beeindruckend. An der deutschsprachigen Berichterstattung beteiligten sich NDR, WDR, die Süddeutsche Zeitung sowie DIE Zeit.
Das Video von Zeit Online empfand ich als guter Einstieg; die SZ strickte ein übersichtliches Portal für die verschiedenen Einzelthemen.
Speziell die („Zero-Click“-)Angriffe der Spähsoftware, die auch iMessage in der aktuellen Betriebssystemversion betreffen, behalte ich im Blick. Insbesondere weil erst iOS 14 unter dem Codenamen „BlastDoor“ der Nachrichten-App ein neues Sandbox-System unterschob.
Aber auch deshalb, weil diese Sicherheitslücken nicht nur Journalistinnen, Menschenrechtsaktivisten, Anwälte und Politiker betreffen: Oder hat schon jemand vergessen, dass Facebook vor einem Jahr bei der NSO Group anklopfte?
According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo.
„The Facebook representatives stated that Facebook was concerned that its method for gathering user data through Onavo Protect was less effective on Apple devices than on Android devices,“ the court filing reads. „The Facebook representatives also stated that Facebook wanted to use purported capabilities of Pegasus to monitor users on Apple devices and were willing to pay for the ability to monitor Onavo Protect users.“
Facebook proposed to pay NSO a monthly fee for each Onavo Protect user, the filing adds.