Spyware sold by the Israeli company NSO Group was used to hack an iPhone belonging to the chief executive officer of leading Russian independent media organization Meduza, according to security researchers.
(Bloomberg) — Spyware sold by the Israeli company NSO Group was used to hack an iPhone belonging to the chief executive officer of leading Russian independent media organization Meduza, according to security researchers.
Galina Timchenko, a Russian journalist and co-founder of Meduza, discovered in June that her phone had been compromised after receiving an alert from Apple Inc. that said state-sponsored attackers may have been targeting her. Digital-rights researchers at Access Now and Citizen Lab analyzed her device and confirmed it had been infected with NSO Group’s “Pegasus” spyware, the researchers said Wednesday.
NSO sells its spyware to government and law enforcement agencies, who use it to covertly break into mobile phones and remotely eavesdrop on calls and record messages. The hack is the first documented case of Pegasus being used to target a Russian journalist, according to Access Now. But it isn’t clear who was responsible. NSO has sold its hacking technology to numerous government agencies in countries worldwide, according to the researchers.
A spokesperson for NSO Group said in a statement that it “only sells its technologies to allies of the US and Israel and always investigates credible allegations of misuse, taking prompt action if warranted.”
Timchenko’s phone was hacked in February, the researchers found, two weeks after the Russian prosecutor general’s office designated Meduza as an illegal organization because it posed “a threat to the foundations” of Russia’s constitutional order and security, according to the Russian news agency Interfax.
At the time her phone was infected with the spyware, Timchenko, who lives in Latvia, was in Berlin, attending a meeting with other exiled members of Russian independent media, according to Access Now’s report. The spyware exploited what’s known as a “zero click” vulnerability — meaning Timchenko’s phone was compromised silently without her clicking a malicious link or performing any other action.
Ivan Kolpakov, Meduza’s editor-in-chief, said in an interview on Wednesday that whomever was responsible for carrying out the hack, his organization had been left disturbed by the incident.
“We escaped Russia because we didn’t want to deal with this kind of behavior” from secret services, he said. “We started Meduza in 2014 in Latvia because this is exactly the type of risk we wanted to avoid. It means we are not safe even in Europe.”
NSO Group has previously said that its technology is intended to be used to investigate serious criminals. But the company has been persistently accused by rights groups and media organizations of selling its technology to governments who have used it to target political opponents, activists and journalists. In November 2021, the US Commerce Department blacklisted the company, accusing it of enabling “transnational repression.”
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.