Skip to main content

Pegasus spyware: Hungary and Poland 'bought software after Netanyahu meeting'

Polish media investigations suggest some Pegasus attacks overlapped with meetings between Netanyahu and country leaders
Hungarian Prime Minister Viktor Orban (R) stands alongside then Israeli Prime Minister Benjamin Netanyahu (L) during a joint press conference with Visegrad country prime ministers in Budapest on 19 July 2017 (AFP)

Israeli company NSO Group sold its Pegasus hacking software to Poland’s anti-corruption body and to Hungary after leaders of both countries met with former Israeli Prime Minister Benjamin Netanyahu, Gazeta Wyborcza reported on Monday.

The Polish Central Anticorruption Bureau (CBA) made the purchase several months after a meeting between Netanyahu and his Polish and Hungarian counterparts at a 2017 Visegrad Group summit in Budapest.

Pegasus: France planned to buy spyware, but cut talks as scandal broke, report says
Read More »

The CBA made the purchase from justice ministry funds, which Gazeta Wyborcza says was illegal, citing sources and documents obtained by the opposition in Poland.

The Associated Press also revealed two weeks ago that at least three Polish opposition figures were hacked in recent years using NSO Group’s flagship product.

The high-profile Polish targets included a senator, a lawyer of the opposition, and a prosecutor challenging populist attempts to subdue the judiciary.

Pegasus allows its users to remotely hack into phones without the target’s knowledge, accessing the contents of their phones and even taking control of it.

Citizen Lab, a cyber security research group at the University of Toronto that worked with AP, found that Krzysztof Brejza’s phone – the targeted Polish senator – was hacked some 33 times between April 2019 and October 2019.

At the time, he was campaigning against the ruling Law and Justice party in parliamentary elections.

Messages illegally taken from Brejza’s phone were aired by state media in a smear campaign aimed at decreasing the opposition’s chances of winning the elections. The ruling party narrowly won the elections.

Overlap with Netanyahu's trips

Last July, Amnesty International, Forbidden Stories and a group of international media organisations revealed that Pegasus spyware had been used in hacks of smartphones belonging to journalists, government officials, human rights activists and political leaders.

The investigative group revealed it had acquired a list of 50,000 phone numbers that appeared to be targets identified by the Israeli company's clients to be spied upon using Pegasus.

Hungary also used the spyware to target at least 10 lawyers, opposition figures and journalists critical of Viktor Orban’s government.

UK-Israel deal: Why spyware scandals won't stop cybersecurity partnership
Read More »

Hungary confirmed it bought and used NSO Group’s product, but it did not comment on the identity of the targeted people.

After AP’s revelations, Polish officials denied any involvement in the targeting of opposition figures, claiming it is possible that foreign countries might have been involved.

However, Gazeta Wyborcza said Poland’s auditor found an invoice for the purchase of the spying software.

Several investigations by Israeli media, such as Haaretz and TheMarker, have suggested that Pegasus attacks by certain countries overlap with Netanyahu visiting them, as was the case for Hungary. This pattern also coincides with visits by the former Israeli premier to Rwanda, Azerbaijan and India.

In response to AP’s revelations, NSO said that the company is a “software provider, the company does not operate the technology nor is the company privy to whom the targets are and to the data collected by the customers.”

They added that “once a democratic country lawfully, following due process, uses tools to investigate a person suspected of committing a crime, this would not be considered a misuse of such tools by any means.”

On 3 November, the US Commerce Department blacklisted NSO and Candiru, another Israeli spyware company, saying their activities were in contravention of American national security interests.

The move bans NSO Group and Candiru from purchasing parts and components from US companies without a special licence.

On Monday, the credit rating service Moody's found that after the restrictions imposed in the US, NSO was facing a growing risk of default on around $500m of debt.