NSO spyware used to hack Polish politicians, Khashoggi's wife, others

NSO Group is facing a massive lawsuit from Apple and a potential default on more than $300 million in loans.
Written by Jonathan Greig, Contributor

Spyware from Israeli tech company NSO Group has been implicated in the hack of a leading opposition politician in Poland and several others, according to University of Toronto nonprofit Citizen Lab. 

In partnership with the Associated Press, Citizen Lab revealed on Thursday that Polish Senator Krzysztof Brejza was hacked using NSO Group's Pegasus spyware 33 times between April 26, 2019 and October 23, 2019.

Brejza helped run the opposition campaign against the right-wing government of Prime Minister Mateusz Morawiecki that is currently in power. Doctored photos from Brejza's smartphone falsely implicated him in several scandals and were shared by government-backed news outlets. Morawiecki eventually won the election by a razor-thin margin.  

Brejza, who has gained popularity as a hardliner against corruption, was horrified to learn of the hack. Access to his phone would provide anyone with information about his campaign strategy as well as the corruption whistleblowers who put their trust in him.  

Earlier this week, Citizen Lab revealed that Pegasus was also used to hack into the phones of outspoken Polish prosecutor Ewa Wrzosek and Roman Giertych, a lawyer for Brejza's party Civic Platform.

While Morawiecki and the Polish government have denied any involvement in the hacking, EU member states have begun to speak out about the incident. 

"EU governments using spyware on political opponents and critics is unacceptable. ⁦EU Commission ⁩has to stop ducking the issue. Such practices have no place in the EU and must be banned," Dutch EU parliamentarian Sophie in 't Veld tweeted on Wednesday. 

The news adds to disastrous stories about NSO Group. Citizen Lab provided the Washington Post with evidence showing the UAE used Pegasus to hack and track the phone of Hanan Elatr, wife of deceased Saudi journalist Jamal Khashoggi. Her phone was hacked months before her husband was assassinated by Saudi officials

Also: NSO Group's spyware used against journalists and political activists worldwide

NSO Group chief executive Shalev Hulio in July denied that Elatr and Khashoggi were ever targets of Pegasus customers. Even with the new forensic information, NSO Group continued to deny that Elatr was ever targeted. 

That story came after Citizen Lab provided information to The Guardian showing that UN war crimes investigator Kamel Jendoubi was hacked with Pegasus while he served as chairman of the Group of Eminent Experts in Yemen. 

NSO Group was blacklisted by the US government last month after it was revealed Pegasus was used to hack into the phones of several US State Department officials in Uganda. NSO Group is now facing significant trouble, including lawsuits from Apple and a potential default on more than $300 million in loans. 

Citizen Lab has worked with multiple news outlets throughout the year to reveal the scale of NSO Group's work. In July, the "Pegasus Project" used information from Amnesty International, Citizen Lab, and Forbidden Stories to uncover that the NSO Group's spyware was used to target at least 65 business executives, 85 human rights activists, 189 journalists, and at least 600 politicians. 

The Israeli government's spy agency used the tool to hack the phones of six Palestinian human rights activists. The ruler of the UAE used Pegasus to spy on his ex-wife and her British lawyers. 

Targeted government officials included French President Emmanuel Macron, South African President Cyril Ramaphosa, and Iraqi President Barham Salih. Cabinet ministers from dozens of countries, including Egypt and Pakistan, were also targeted. 

John Scott-Railton, senior researcher at Citizen Lab, told ZDNet that the Polish victims of Pegasus were particularly notable because they suggest that Pegasus is being used for political purposes in a European democracy. 

The Khashoggi case reinforces the knowledge that there were Pegasus infections in the Washington Post reporter's close circle prior to his murder, according to Scott-Railton. He added that the case further undermines NSO Group's credibility because it directly contradicts multiple statements they have made. 

Overall, the stories revealed researchers' worst fears: Pegasus was being used profusely to impact politics and human rights. 

"Pegasus is also being used to erode key international institutions and the people who work at them. Taken together, alongside NSO's dismal recent economic news, the picture is of a company that behaves recklessly and ignored the tremendous harms it was causing," Scott-Railton said, noting that NSO Group is not the only spyware company causing damage. 

He explained, "The problem extends far beyond NSO. NSO has just made itself the poster child for how bad the industry is."

Editorial standards