Spyware use by separatists in Spain ‘extensive’, says Group | Technical news

By ARITZ PARRA, Associated Press

MADRID (AP) – The phones of dozens of pro-independence supporters in Spain’s northeastern Catalonia, including the regional chief and other elected officials, have been hacked with controversial spyware only available to governments, a cybersecurity rights group said on Monday.

Citizen Lab, a research group affiliated with the University of Toronto, said a large-scale investigation it conducted in collaboration with Catalan civil society groups found that at least 65 people were attacked or sold their devices with so-called “mercenary spyware”. were made by two Israeli companies, NSO Group and Candiru.

NSO said the claim “could not be related to NSO products”. Candiru could not be reached for comment from The Associated Press.

Almost all of the incidents happened between 2017 and 2020, when efforts to create an independent state in north-eastern Spain resulted in the country’s deepest political crisis in decades. The former Catalan cabinet, which pushed an illegal referendum on independence, has been sacked. Most of its members were imprisoned or fled the country, including former regional president Carles Puigdemont.

Political cartoons about world leaders

Political cartoons

NSO’s Pegasus spyware has been used around the world to penetrate the phones and computers of human rights activists, journalists and even Catholic clergy. The company has been subject to export restrictions by the US federal government, which has accused NSO of carrying out “transnational repression”. NSO has also been taken to court by major tech companies, including Apple and Meta, the owner of WhatsApp.

Citizen Lab said its investigations into the use of Pegasus and spyware in Spain, developed by Candiru – another Israeli firm founded by former NSO employees – began in late 2019 after uncovering a handful of cases linked to high-profile Catalan independence supporters aimed. Amnesty International said its technical experts had independently verified the attacks.

The Toronto-based nonprofit said it could not find any conclusive evidence to attribute the hacking of Catalan phones to any specific entity.

“However, a number of pieces of evidence point to a strong connection with one or more entities within the Spanish government,” Citizen Lab said.

Spain’s Interior Ministry said that neither a ministry department nor the National Police or the Civil Guard “ever had any relationship with NSO and therefore never used any of their services”. The ministry’s statement states that in Spain “all interventions in communications will be carried out under court order and in full respect of legality”.

The prime minister’s office did not immediately respond to questions from AP. A spokeswoman for the Defense Ministry, which oversees Spain’s armed forces and intelligence agencies, declined to clarify whether it had contracted NSO or Candiru software.

“The Spanish government always acts according to the law,” said the spokeswoman, who was not allowed to be named in the media.

Pegasus infiltrates phones to steal personal and location data, and also secretly controls smartphone microphones and cameras, turning them into real-time surveillance devices. NSO Group’s stealthiest hacking software uses “zero-click” exploits to infect targeted mobile phones without user interaction.

The NSO Group claimed that it was attacked by Citizen Lab and Amnesty International with “inaccurate and unsubstantiated reports” and “false” claims that “could not be linked to NSO products for technological and contractual reasons”.

“We have repeatedly cooperated with government investigations where credible allegations are warranted,” an NSO spokesman said in a statement.

According to Citizen Lab, signs of a previously unidentified “zero-click” exploit were found on infected devices from Catalans in late 2019 and early 2020 before Apple updated its mobile operating system to fix vulnerabilities.

Among the targets were at least three European lawmakers representing Catalan separatist parties, members of two prominent pro-independence civil society groups, their lawyers and various elected officials

The revelations come as European Union lawmakers hold the first meeting of a committee on Tuesday to deal with breaches of EU law related to the use of hacker-for-hire spyware.

Four former Catalan regional presidents, including Puigdemont and his successor Quim Torra, during his tenure, were also directly or indirectly spied on, the researchers said.

Current Catalan President Pere Aragonès, whose phone was infected when he was Torra’s deputy from 2018 to 2020, according to Citizen Lab, said: “Massive espionage against the Catalan independence movement is an unjustifiable disgrace, an attack on fundamental rights and democracy. “

Because the software can only be purchased by government agencies, the Spanish government needs to make a statement, Aragonès said in a series of tweets.

“Excuses are not valid,” he wrote. “Spying on citizen representatives, lawyers or civil rights activists is a red line.”

In response to Amnesty International’s 2020 formal request for full disclosure of contracts with private digital surveillance companies, Spain’s defense ministry said information was classified, the rights group said on Monday.

“The Spanish government needs to clarify whether or not it is a customer of NSO Group,” said Likhita Banerji, an Amnesty International researcher. “It must also conduct a thorough, independent investigation into the use of Pegasus spyware against the identified Catalans.”

In a separate report also released Monday, Citizen Lab said it also found evidence in 2020 and 2021 that the UK Prime Minister’s office was infected with Pegasus spyware linked to the United Arab Emirates . It said it found suspected infections at the UK Foreign Office linked to the United Arab Emirates, India, Cyprus and Jordan.

The group said it had informed the UK government of the findings.

Other countries where Citizen Lab and other public interest researchers have confirmed Pegasus infections among political dissidents and journalists critical of the government include Poland, Mexico, El Salvador and Hungary.

The NSO Group claims that it only sells Pegasus to government agencies to target criminals and terrorists, but hundreds of cases have been documented of it being used against human rights defenders and other activists, lawyers, reporters and their relatives.

Frank Bajak in Boston and Jill Lawless in London contributed to this report.

Copyright 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, transcribed or redistributed.

Leave a Reply

Your email address will not be published.