- The phone numbers of several world leaders have been identified on a list of more than 50,000 numbers linked to NSO’s spyware Pegasus
- A group of media outlets identified the number after they were provided the list by Amnesty International and journalism not-for-profit Forbidden Stories
- Already activists and journalists had been identified among those targeted with the spyware licensed to government agencies in more than 50 countries
- While NSO maintains the list is not of surveillance targets, several phones which were analysed are reported to have shown evidence of being targeted
- On the list were the current Presidents of France, Iraq and South Africa, the King of Morocco, and the Prime Ministers of Pakistan, Egypt and Morocco
The phone numbers of several world leaders have been identified on a list of more than 50,000 numbers linked to Israeli company NSO’s spyware Pegasus.
The leaked list of phone numbers supposedly added by NSO customers in more than 50 countries since 2016 was analysed by Amnesty International and French journalism not-for-profit Forbidden Stories.
They found the numbers of at least 180 journalists from 21 countries were on the list, suggesting they could have been targeted by the spyware which can be installed remotely and gain access to even encrypted apps such as WhatsApp and Signal.
In a further development, a group of media outlets — including The Guardian and Le Monde — were given access to the list and were able to identify the numbers of incumbent and past state leaders.
On the list were the current presidents of France, Iraq and South Africa, the King of Morocco, and the prime ministers of Pakistan, Egypt and Morocco.
So too were past prime ministers of Yemen, Lebanon, Uganda, France, Kazakhstan, Algeria and Belgium who were in office at the time their numbers were added to the list.
In a statement, NSO said the allegedly leaked data did not relate to Pegasus customer targets.
“NSO Group has a good reason to believe the claims that are made by the unnamed sources to Forbidden Stories, are based on misleading interpretation of data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers targets of Pegasus or any other NSO products.”
“The claims that the data was leaked from our servers, is a complete lie and ridiculous, since such data never existed on any of our servers…these allegations are so outrageous and far from reality, that NSO is considering a defamation lawsuit.”
However, Amnesty’s Security Lab analysed the phones of people identified on the list and found in around 85 per cent of cases there had been a confirmed or attempted infection. The findings were peer-reviewed by Citizen Lab.
None of the incumbent or former state leaders identified agreed to having their phone analysed for a possible or attempted infection according to The Washington Post, one of the Pegasus Project partners.
NSO also affirmed in the statement it sells its technology “solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts”.
Government clients reported to be on NGO’s books include Saudi Arabia, Azerbaijan and the United Arab Emirates.