Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks

  /     /     /  
Publicated : 23/11/2024   Category : security


Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks


As the Middle East nation enforces strict cybercrime laws, citizens face crackdowns on free speech with nearly three dozen journalists and lawyers targeted with the NSO Groups spyware.



Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years.
According to an
analysis published
by digital rights group Access Now, in total 16 journalists and media staff, eight human-rights lawyers, and 11 other members of human-rights groups and non-governmental organizations (NGOs) were targeted by state-sponsored attackers (the report intimated it was the Jordanian government itself) using the Pegasus rootkit and surveillance tool, the investigation found.
While the investigation started in 2021, the actual attacks started in 2019, with 30 victims discovered by Access Now and Citizen Lab, part of the Munk School of Global Affairs and Public Policy at the University of Toronto, while another five victims were uncovered by Human Rights Watch, Amnesty International, and the Organized Crime and Corruption Reporting Project (OCCRP).
Using surveillance tools to wiretap and track the activities of journalists and lawyers undermines free society, warned Access Now.
Surveillance technologies and cyberweapons such as NSO Groups Pegasus spyware are used to target human rights defenders and journalists, to intimidate and dissuade them from their work, to infiltrate their networks, and to gather information for use against other targets, Access Now stated in its report. The targeted surveillance of individuals violates their right to privacy, freedom of expression, association, and peaceful assembly.
The surveillance revelations come as Jordans government is cracking down on cybercrime, amending its statutes with a new law in 2023 that, critics say, is
overly vague and ripe for abuse
. Specific articles outlaw speech that promotes or instigates immorality, demonstrates a contempt for religion, or undermines national unity,
according to reports
.
The law garnered criticism from the
United Nations Office of the High Commissioner for Human Rights
and
non-governmental organizations in the region
.
The individuals are the latest to be targeted by governments with the NSO Groups surveillance software. In September, for example, Pegasus spyware was
detected on the phone of an exiled Russian journalist
, apparently installed with a zero-click exploit (one that requires no action by the user). In December 2022, a group of
nearly two dozen journalists in El Salvador
sued the NSO Group for its part in surveillance of the reporters.
Governments are using the software to target critics and activists without due process, says Ilia Kolochenko, founder of ImmuniWeb, a penetration testing service provider.
Journalists and lawyers are commonly protected from overly intrusive investigations by the virtue of criminal procedure or another legislation that was not specifically designed to offer robust protection from cyber investigations, he says, adding: The Middle East traditionally had less privacy related legislation; however, now the situation [is] rapidly changing.
In 2016, Citizen Lab and mobile security firm Lookout released an analysis of the Pegasus spyware, which targeted iOS devices. A year later, Lookout teamed with Google to
release an analysis of the Android version
. Since then, Israel-based NSO Group has continued to find ways to install its surveillance software on targeted individuals devices — sometimes requiring social engineering and other times with no activity by the users.
In the latest case, both types of attacks took place, according to Access Now.
The Pegasus victims we uncovered were targeted with both zero-click and one-click attacks, Access Now stated in its report. We also observed sophisticated social engineering attacks delivering malicious links to victims via WhatsApp and SMS. In some cases, perpetrators posed as journalists, seeking a media interview or a quote from targeted victims, while embedding malicious links to Pegasus spyware amid and in between their messages.
In January 2022, Access Now and Front Line Defenders first discovered Pegasus being used to hack Jordanian citizens, and by April 2022, the groups had detected at least five lawyers and journalists.
The NSO Group did not confirm nor deny Access Nows findings. 
Due to regulatory and contractual constrains, NSO Group cannot confirm or deny who its governmental customers are, a company spokesperson states. The company only sells to vetted and licensed law enforcement and intelligence agencies for the purpose of investigating and preventing serious crime and terror.
The NSO Group spokesperson points to
its 2023 Transparency and Responsibility Report
to highlight its criteria in allowing sales of software to the governments of specific nations.
We help government intelligence and law enforcement agencies lawfully address their most pressing national security and public safety issues, the report stated, pointing to the terrorist attacks on Israel by Hamas as an example of the type of incident the company is trying to prevent. Cyber intelligence technology is a critical tool for preventing and investigating terrorism and serious crimes, and for thereby protecting individuals fundamental rights to life, liberty, and security.
For the most part, better policy is needed to rein in the use of spyware and exploits against individual users. The targeting of journalists, lawyers, and activists for exercising free speech shows that additional protections need to be put in place, says ImmuniWebs Kolochenko.
Its a cat-and-mouse game — privacy technologies will continually improve but cybersecurity experts or hackers will continually bypass them, he says. I would rather implement protection on the legislative layer, ensuring a transparent and efficient supervision of cyber operations by law enforcement agencies that would both protect confidential information about investigations and ensure due process.
While the NSO Group has found ways —
and bought exploits on secondary markets
— to get around smartphone and computer defenses, keeping devices up-to-date and remaining vigilant of links and attachments can make the devices much harder to compromise, he says.

Last News

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks