Exposed: Pegasus Spyware’s Intrusion on Jordan’s Human Rights Advocates

According to a joint report by human rights organizations Access Now and Citizen Lab, the telephones of 35 journalists, activists, human rights defenders, and civil society representatives in Jordan were targeted with the Pegasus spyware developed by the Israeli firm NSO Group.

A total of 35 instances of attempted infections with Pegasus were confirmed, with 6 devices being successfully compromised by the spyware. The assaults were conducted from 2019 through to September 2023.

Pegasus targeted the following groups:

• Non-Governmental Organization representatives – 4 individuals
• Lawyers – 8 individuals
• Journalists and media personnel – 16 individuals
• Activists – 5 individuals
• Politicians – 1 individual
• IT professionals – 1 individual

Some attacks were carried out by masquerading as journalists offering interviews or comments, wherein malicious links to Pegasus were hidden within the text of the messages themselves. In one instance, a victim received a WhatsApp message from someone claiming to be a journalist, seeking comment on a new Jordanian cybercrime law and its impact on freedoms within the country.

It is noted that some victims were subjected to repeated infections, highlighting the persistent nature of the targeted surveillance campaign.

NSO Group contends that the cyber intelligence technology it offers allows governmental agencies and law enforcement bodies to fulfill their primary duties in preventing violence and ensuring public safety, including by circumventing encryption in communication apps without conducting mass surveillance or gaining backdoor access to the devices of all users.

Nevertheless, the attacks on members of Jordan’s civil society exemplify the ongoing misuse that contradicts the company’s statements. Specifically, Zero-Click exploits of Apple iOS such as BLASTPASS, FORCEDENTRY, FINDMYPWN, and PWNYOURHOME were utilized to bypass protective mechanisms and deliver Pegasus through social engineering, including the dissemination of malicious links via WhatsApp and SMS.

Access Now urges governments worldwide, including Jordan’s, to cease the use of such tools and to impose a moratorium on their sale until adequate countermeasures are adopted. It is highlighted that surveillance technologies and cyberweapons like Pegasus from NSO Group are used for targeted persecution of human rights defenders and journalists, posing a threat to their right to privacy, freedom of expression, association, and peaceful assembly, and leading to self-censorship and cessation of activist or journalistic activities due to fear of repression.