Pegasus spyware used to target 30 Thai activists - cyber watchdogs

A joint investigation by human rights and cyber monitoring groups have found that over a dozen activists and academics in Thailand have been hacked through Pegasus spyware

The human rights and cyber monitoring groups suspect the attacks were launched locally.
Reuters

The human rights and cyber monitoring groups suspect the attacks were launched locally.

At least 30 political activists in Thailand have been hacked using Israeli cyber-arms company NSO Group's surveillance spyware Pegasus.

Thai human rights group iLaw, in its report on Monday, said 24 political activists, three academics and three members of civil society groups were targeted between October 2020 and November 2021.

The probe by iLaw, Southeast Asian internet watchdog Digital Reach and Toronto-based Citizen Lab, followed a mass alert from Apple in November.

The alert informed thousands of iPhone users, including in Thailand, that they were targets of "state-sponsored attackers".

Yingcheep Atchanont, programme manager at iLaw, was among those hacked and said his group would investigate further, and pursue legal action once it becomes clear who in Thailand was operating Pegasus.

"NSO has said that they only sell the software to governments and that all the victims here are Thai government critics, so they benefited the most," he said.

NSO Group and a spokesperson for Thailand's government did not immediately respond to requests for comment.

READ MORE: Pegasus spyware 'attack' targets phones of Spanish PM, defence minister

Loading...

'Tip of the iceberg'

Pegasus has been used by governments to spy on journalists, activists and dissidents and the Israeli firm behind it, NSO Group, has been sued by Apple and placed on a US trade blacklist.

Wetang Phuangsup, a spokesperson for Thailand's ministry of Digital Economy and Society, said his ministry was not aware of any usage of spyware by the government.

Citizen Lab's report, which was separate to that of iLaw, examined digital traces left in the victims' phones and identified Pegasus usage in Thailand as far back as May 2014.

John Scott-Railton, a Citizen Lab researcher, said the investigation showed Pegasus was being operated in Thailand, with many more hacking victims likely.

"What we uncovered is a lot of targeting of dozens of people over a specific time frame, but having done investigation into Pegasus...over the decade, I am confident that it is the tip of the iceberg," he said in an online presentation on Monday.

READ MORE: Dozens of journalists, activists in El Salvador hacked with Pegasus spyware

Route 6