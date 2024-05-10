The Israeli firm NSO Group—which developed the notorious Pegasus spyware allegedly used by authoritarian governments worldwide to extract private data from the phones of political opponents, journalists and activists through a WhatsApp security vulnerability—has been repeatedly going after the research organisation that exposed its cybercrimes five years ago.

The Israeli firm has demanded that Citizen Lab, a University of Toronto-based organisation that studies information control, should hand over “every single document” about its Pegasus investigation from 2019.

NSO insists that Citizen Lab must reveal how it “conducted its analysis” that led it to identify over 100 cases of abusive targeting of politicians, human rights defenders and journalists in at least 20 countries in Africa, Asia, Europe, the Middle East, and North America.

NSO claims it sells Pegasus only to governments and militaries for the purpose of tackling crime and terrorism.

Related EU watchdog seeks a ban on NSO's surveillance tool Pegasus

Battleground: WhatsApp

WhatsApp identified and quickly resolved a “vulnerability” in its system back in May 2019. The bug allowed cybercriminals to inject commercial spyware into phones via WhatsApp by simply ringing the number of a target’s device.

WhatsApp also identified NSO as the spyware developer that took advantage of the bug in October 2019.

It was only then that Citizen Lab entered the fray and volunteered to help WhatsApp identify cases in which the suspected targets of this attack were “members of civil society, such as human rights defenders and journalists”.

Subsequently, WhatsApp went to court against NSO, alleging that the spyware developer sent Pegasus to about 1,400 devices worldwide.

The lawsuit alleged that NSO’s malware was designed to infect phones and computers for “conducting surveillance of specific WhatsApp users”. The Israeli firm developed its malware in order to access messages and other communications after they were decrypted on target devices, it said.

For its part, NSO insists the clientele for its proprietary spyware is “strictly” limited to government clients and that its sales meet the Israeli government’s export regulations.

But Citizen Lab argues that the number of cases in which NSO’s technology is used to target civil society members “continues to grow”.

The US Department of Commerce blacklisted NSO in November 2021 based on “evidence” that it sold spyware to foreign governments that used the same to “maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers”.

Its tools also enabled foreign governments to conduct “transnational repression” to target overseas dissidents, journalists and activists to silence dissent, it said.

Discovery: arrow in NSO’s quiver

The notorious Israeli firm has so far mounted at least two legal attacks on Citizen Lab, demanding access to its raw work relating to the 2019 investigation.