New York Times journalist and bureau chief, Ben Hubbard, discusses working with the Citizen Lab and discovering that he had been hacked several times by operators using NSO Group’s Pegasus spyware. 

Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020 that we found that he was targeted in 2018 by the Saudi Arabia-linked Pegasus operator that we call KINGDOM.

Forbidden Stories and Amnesty International requested that the Citizen Lab undertake an independent peer review of a sample of their forensic evidence and their general forensic methodology. We were provided with iTunes backups of several devices and a separate methodology brief, and independently validated that Amnesty International’s forensic methodology correctly identified infections with NSO’s Pegasus spyware.

In its most recent response to the Citizen Lab regarding the The Great iPwn report, NSO Group extended an invitation to meet and discuss the Citizen Lab’s concerns and NSO Group’s “program” in more detail.  We do not believe this invitation is made in good faith and have declined.

في شهري يوليو وأغسطس 2020 استخدم عملاءٌ حكوميون برنامج التجسس بيغاسوس “Pegasus” من مجموعة “NSO” لاختراق 36 هاتفاً شخصياً لصحفيين ومنتجين ومراسلين و مدراء تنفيذيين في قناة الجزيرة. كما تم اختراق هاتف صحفية في قناة العربي، التي مقرها لندن.

Government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates.

Citizen Lab researchers alert pro-independence individuals were targeted in a “possible case of domestic political espionage.”

New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDOM. We have linked KINGDOM to Saudi Arabia. In 2018, KINGDOM also targeted Saudi dissidents including Omar Abdulaziz, Ghanem al-Masarir, and Yahya Assiri, as well as a staff member at Amnesty International.

The May 2019 WhatsApp Incident As reported in May 2019, WhatsApp identified and shortly thereafter fixed a vulnerability that allowed attackers to inject commercial spyware on to phones simply by ringing the number of a target’s device. Today Oct 29th, WhatsApp is publicly attributing the attack to NSO Group, an Israeli spyware developer that also… Read more »

We urge you to seriously engage with the significant issues raised by your Authority’s investment with Novalpina Capital and we look forward to your outstanding reply to our correspondence dated May 24, 2019.