Pegasus spyware used against anti-corruption journalists in Mexico

A new report has revealed that Pegasus spyware has been used in Mexico after the president explicitly said the government was no longer using malware.

It was used to capture data from the phones of two journalists who specialize in covering government corruption, as well as a prominent human rights defender…


NSO Group manufactures spyware called Pegasus, which is sold to government and law enforcement agencies. The company buys so-called zero-day exploits (those that Apple doesn’t know about) from hackers, and its software is said to be capable of mounting zero-click exploits, which require no interaction from the target.

In particular, it has been reported that receiving a certain iMessage – without opening it or interacting with it in any way – can allow an iPhone to be hacked, with personal data exposed.

NSO and Apple have been engaged for years in a battle in which the spyware company exploits iOS vulnerabilities, Apple patches them, NSO uses new vulnerabilities, and so on.

Recently, Apple alerted owners of infected iPhones and introduced a Lockdown mode in iOS 16, which protects iPhones from Pegasus but severely limits functionality in order to do so.

Pegasus spyware used in Mexico

It was discovered that the Mexican government was using Pegasus back in 2017, under the previous regime.

Several sectors of Mexican civil society have been targeted, including investigative journalists and lawyers for families of cartel victims, anti-corruption groups, prominent lawmakers, international investigators examining enforced disappearances, and even the wife of a journalist killed in a cartel killing.

After public outrage, when current President López Obrador took power, he said Pegasus had been used against him when he was in opposition, and promised that his government would not use the surveillance system.

When we were in the opposition we were spied on (…) Now this is forbidden […] We don’t. We do not do this because it is a matter of principle.

But Pegasus has been used since this promise

Security researchers at Citizen Lab have validated claims that Pegasus was actually used after this promise.

R3D, with technical support from Citizen Lab, has determined that two Mexican journalists and a human rights defender were infected with Pegasus between 2019 and 2021. […]

The 2019-2021 infections took advantage of zero-click attacks: there was no need for phishing to trick victims into clicking. Citizen Lab’s previous reports of Mexican cases found malicious text messages designed to trick targets into clicking on a link that could lead to an infection.

Researchers say they can’t specifically point to the Mexican government as the culprit, but all signs point in that direction — and it also appears to support allegations of continued corruption.

We assess with high confidence that these individuals have been hacked with Pegasus spyware. The technical data available for these latest instances (2019-2021) does not enable us to attribute the breach to a specific NSO Group customer at this time. However, each of the victims will be of great interest to entities within the Mexican government and, in some cases, alarmingly, to the cartels.
