Jordan: Activists' phones hacked with Israeli spyware Pegasus, say privacy groups

Online hackers linked to the Jordanian government have been using Pegasus spyware on the smartphones of human rights activists during protests in the country since 2019, according to a report from privacy groups.

A joint report released on Tuesday by Front Line Defenders and Citizen Lab, two groups focusing on privacy and digital rights violations, found that four Jordanian lawyers, journalists and human rights defenders had been victims of a hacking campaign.

Front Line Defenders and Citizen Lab said that they found that four devices belonging to Jordanian individuals had been hacked with Pegasus between August 2019 and December 2021.

Two spyware operators, MANSAF and BLACKIRIS, were identified as having been active since late December 2018 and December 2020 respectively. Both operators appear to have links to Jordan's security agencies.

'We find once again that a government client of NSO Group has used Pegasus to spy on civil society targets that are neither terrorists nor criminals'

- Front Line Defenders and Citizen Lab

However, MANSAF had also targeted phones in Iraq, Lebanon and Saudi Arabia, while the hacking activities of BLACKIRIS were exclusive to Jordan.

Pegasus was developed by the Israeli NSO Group and used by countries including Morocco, Saudi Arabia and the United Arab Emirates to illegally access the phone data of activists and journalists worldwide.

In a statement, Front Line Defenders and Citizen Lab said that "we find once again that a government client of NSO Group has used Pegasus to spy on civil society targets that are neither terrorists nor criminals".

Ahmed al-Neimat, an anti-corruption activist, Malik Abu Orabi, a lawyer, and Suhair Jaradat, a human rights defender, were targeted by Pegasus.

The fourth was a journalist and women's human rights defender called "A", who wished to remain anonymous for fear of risks she may face.

Front Line Defenders and Citizen Lab said that the new revelation showed an "indisputable indictment against NSO Group, and its ownership, for their inability or unwillingness to put in place even the most basic human rights-respecting safeguards".

Jordanian activists were targeted with Pegasus by using a zero-click technique, harvesting phone data, photos, emails and voice messages, and turning the phone into a tracking and monitoring device.

They have received WhatsApp and iMessage texts directing them to links impersonating websites of news agencies, retailers, clothing and delivery firms.

Active despite lawsuit

The report said that Pegasus spyware was still being used on iOS devices despite Apple launching a lawsuit against NSO Group to "hold it accountable for the surveillance and targeting of Apple users".

"To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services or devices," Apple said in November.

In January, Front Line Defenders revealed that Pegasus had been used to hack the phone of Jordanian lawyer and human rights activist Hala Ahed Deeb.

NSO Group: US blacklists Israeli firms for harming 'national security interests'

Read More »

Since then, the group has said it had received nearly 60 requests from Jordanian human rights defenders, journalists and civil society workers asking it to check their phones for evidence of the Pegasus spyware.

Up to 200 Jordanians were targeted by Pegasus. In February, they called on their government to investigate how their phones had been hacked.

In Israel, the home base for NSO Group, police had used Pegasus to hack the phones of Israeli political activists, mayors, senior officials in a state-owned company, a person close to a Knesset member and criminals without a court order.

Israeli newspaper Calcalist reported in January that Pegasus had also been used to target political activists who had protested against former Israeli prime minister Benjamin Netanyahu in 2021, calling on him to resign as he faced a corruption trial.

In November, the US blacklisted the NSO Group, saying its activities were contrary to its national security interests.

Israel said that it had reduced the number of countries that are eligible to import its cyber technologies by roughly 60 percent, among them Morocco, Saudi Arabia, and the United Arab Emirates.