Spain Uses Pegasus Spyware to Target Catalan Official iPhones: Report
Catalonia’s regional leader accused the Spanish government on Monday of spying on its citizens after a rights group said his phone and dozens more belonging to Catalan pro-independence figures had been infected with spyware used by sovereign states.
A new investigation by The Citizen Lab has found that the Catalan president, Pere Aragones, was hacked by the NSO Group’s Pegasus software in one of Europe’s most significant phone-hacking cases.
The Citizen Lab, a research group affiliated with the University of Toronto, said that a large-scale investigation it had conducted in collaboration with Catalan civil society groups found that at least 65 individuals were targeted or infected with what it calls “mercenary spyware” sold by two Israeli companies, NSO Group and Candiru.
NSO’s Pegasus has been used around the world to break into the phones and computers of human rights activists, journalists, and even members of the Catholic clergy. The firm has been subject to export limits by the US federal government, which has accused NSO of conducting “transnational repression.” NSO has also been brought to court by major technology companies.
The Citizen Lab said its investigations into the use in Spain of Pegasus and spyware developed by Candiru — another Israeli firm founded by former NSO employees — started in mid-2020 after a handful of cases also targeting high-profile Catalan pro-independence individuals were revealed.
Gonzalo Boye, a lawyer who has represented numerous Catalan political figures, including former presidents Carles Puigdemont and Quim Torra, was targetted 18 times with Pegasus infection attempts between January and May 2020. Some of the attempts carried out via SMS were messages disguised as tweets from organizations like Human Rights Watch, The Guardian, Columbia Journalism Review, and Politico.
Citizens Lab has collected “more than 200 such messages” that involved operators sending text messages containing malicious links, which, once clicked on, would infect the device through a Pegasus exploit server.
While Citizen Lab has not attributed the hacking to a specific group, they have said that “circumstantial evidence suggests a strong nexus with the government of Spain, including the nature of the victims and targets, the timing, and the fact that Spain is reported to be a government client of NSO Group.”
“We are not criminals,” Aragones told The New Yorker. “What we want from the Spanish authorities is transparency.”