A new investigation has revealed how NSO Group’s notorious Pegasus spyware was used to infect the devices of three activists in Bahrain, demonstrating yet again the grave threat which Pegasus poses to critics of repressive governments.
Ali Abdulemam from digital rights organization Red Line 4 Gulf, with technical support from Amnesty International and Citizen Lab, found that a lawyer, an online journalist, and a mental health counsellor, all of whom have been critical of the Bahraini authorities, were targeted with Pegasus between June and September 2021. The three cases were first identified by Citizen Lab and independently confirmed by Amnesty International. The Pegasus Project consortium had previously identified Bahrain as a potential client of NSO Group, with hundreds of Bahraini phone numbers included on a leaked list of 50,000 potential Pegasus targets.
“Bahraini authorities have pursued their crackdown on dissent in recent years, tightening their monitoring of digital media, which was the only space left for open discussion after the government outlawed the legal opposition groups. This chilling breach of the right to privacy comes in a context of harassment against human rights defenders, journalists, opposition leaders, and lawyers,” said Lynn Maalouf, Deputy Director for the Middle East and North Africa at Amnesty International.
“Time and again, we have seen how NSO Group’s spyware provides a useful tool for tracking activists and government critics. We are calling on the Bahraini authorities to immediately cease their use of surveillance technologies, and for NSO and other spyware exporters to cease supplying states with this dangerous software until an international regulatory framework compliant with human rights obligations is put in place.”
NSO Group, the Israeli tech company behind the Pegasus spyware, only supplies government clients.
Mohamed al-Tajer is a lawyer who has represented the families of two victims who died due to torture by Bahraini security forces in 2011. Forensic analysis by Amnesty International and Citizen Lab showed that Mohamed’s phone was infected with Pegasus software in September 2021.
Mohamed said he was shocked and saddened by the attack.
“After all of the years of my career as a lawyer, there was nothing I could have done to protect myself from a zero-click hack. The state can hack into your device and gain access to all of your personal information, work information, financial information, emails, and personal and family photos.”
tags: