French President Emmanuel Macron is among more than a dozen world leaders whose phone numbers have appeared in a leaked database from surveillance company NSO, linked to its Pegasus malware.
The revelations don’t necessarily mean the leaders’ phones were hacked, but suggest the people on the list were potential surveillance targets for government clients of the private hacking company.
It puts the world leaders in the company of journalists, business leaders and human rights activists, some of whom Amnesty International says were victims of spying.
The 50,000 phone numbers in the list could have become targets for Pegasus, which can take control of a phone’s data, microphone and camera without the user knowing.
Here’s what you need to know on the revelations, first reported by a global media consortium known as the Pegasus Project, which included journalists from the Guardian, the Washington Post and Le Monde.
What is NSO and its Pegasus malware?
NSO Group is an Israeli cybersecurity company that’s been described as a hacker for hire, and Pegasus spyware is a tool for monitoring targeted people.
Once Pegasus has infected a target’s phone, it can vacuum up personal and location data and seize control of device microphones and cameras.
NSO claims to sell only to “vetted government agencies” for use against terrorists and major criminals.
Amnesty International says the Pegasus malware is so effective that it can hack even the latest versions of Apple’s iPhone operating system.
Apple head of security engineering Ivan Krstić did not directly address that claim, instead emphasising the rarity of such targeted attacks and the company’s dedication to the security of its users.
Who is on the list?
The leaked list of 50,000 phone numbers does not show people who have been hacked with Pegasus. Rather, it is reported to show people selected by NSO clients for potential surveillance.
Members of the media consortium reported that the phone numbers of Mr Macron, Pakistani Prime Minister Imran Khan, South African President Cyril Ramaphosa, and King Mohammed VI of Morocco were present in the list.
Also in the list were dozens of journalists, hundreds of politicians and government officials, at least 65 business executives and 85 human rights activists.
And that’s just from the 1,000 phone numbers the journalists were able to identify.
Perhaps understandably, none of the 13 world leaders gave journalists access to their phones to check whether they had been compromised with Pegasus.
But Amnesty said it had examined the phones of 67 people on the list, and found attempted or successful Pegasus infections on 37.
Amnesty said its forensic researchers had determined that Pegasus was successfully installed on the phone of the fiancee of Washington Post journalist Jamal Khashoggi, just four days after he was killed in a Saudi consulate in Turkey.
NSO had previously been implicated in other spying on Khashoggi.
NSO denies ever maintaining a list of “potential, past or existing targets”.
The company does not disclose its clients and claims it has “no visibility” into the data, denying any association with Khashoggi’s murder.
What has the reaction been?
The media consortium worked with a Paris-based non-profit called Forbidden Stories and Amnesty International to examine the leaked list.
“NSO’s spyware is a weapon of choice for repressive governments seeking to silence journalists, attack activists and crush dissent,” Agnès Callamard, the head of Amnesty International, said.
After an Amnesty forensic analysis published on Sunday showed it was hosting NSO infrastructure, Amazon Web Services said it had shut down accounts of the Israeli company that were “confirmed to be supporting the reported hacking activity.”
According to the Committee to Protect Journalists, few effective barriers exist to prevent autocratic governments from using sophisticated surveillance technology in attempts to cow or silence a free press.
Following first reports by consortium members earlier this week, the Paris prosecutor’s office said it was investigating the suspected widespread use of Pegasus to target journalists, human rights activists and politicians in multiple countries.