Pegasus has claimed another civil society victim: two phones belonging to Lama Fakih, director of conflicts and crises for Human Rights Watch (HRW) as well as the NGO’s office in Beirut, Lebanon, have been infected by powerful spyware.
At the end of November, the Lebanese-American was warned by Apple, like others before her, that her phone could have been targeted by Pegasus. Technical analyzes then revealed traces of this software within two of its iPhones: the infection took place between April and August 2021.
In late November, after receiving an iMessage alert from Apple, I learned that #NSO’s #Pegasus spyware was used to… https://t.co/x8q1uYRYP2
At the time, Lama Fakih was investigating in particular the deadly explosion which devastated the port of Beirut in August 2020. The Human Rights Watch report, very critical of the highest officials of the Lebanese state, was published in August 2021.
However, Lebanon is not among the known customers of the Israeli company NSO Group, which manufactures Pegasus. On the contrary, the country is rather among the victims of this tool, as shown by the “Pegasus Project”, a vast collaborative investigation into the excesses of spyware, to which The world participated.
So who ? Lama Fakih, whose work also focuses on Syria, Burma, Israel or the Palestinian territories, has no idea. Although, given her exposed position, she tried to take precautions and did not check her emails or access the NGO’s internal network using the infected phones, learning that she had been hacked the at “submerged”.
“I was really scared, I couldn’t believe it. A million ideas cross your mind at that moment. Why would I be targeted in this way, and how? Which government had done this? What does this mean for my safety and that of anyone whose data may be compromised as a result of this attack? What were they able to access, and what was compromised? How can I prevent this from happening again? I still ask myself many of these questions and I will probably never have the answers. We’ll probably never know who attacked my phone, or why.” said M.me Fakih.
Phone takeover
Once installed on a mobile phone, Pegasus is able to access the camera, geolocation, messages exchanged, and even activate the microphone. Thanks to a defect present in the Apple software running iPhones, since corrected, Pegasus was able to infect a smartphone without any action on the part of the victim (such as, for example, opening an email trap).
You have 58.11% of this article left to read. The following is for subscribers only.