Private Israeli Spyware Used Against Activists and Journalists

By Dana Priest, Craig Timberg and Souad Mekhennet, The Washington Post

19 July 21

NSO Group’s Pegasus spyware, licensed to governments around the globe, can infect phones without a click

ilitary-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners.

The phones appeared on a list of more than 50,000 numbers that are concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of the Israeli firm, NSO Group, a worldwide leader in the growing and largely unregulated private spyware industry, the investigation found.

The list does not identify who put the numbers on it, or why, and it is unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones shows that many display a tight correlation between time stamps associated with a number on the list and the initiation of surveillance, in some cases as brief as a few seconds.

Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International, a human rights group, had access to the list and shared it with the news organizations, which did further research and analysis. Amnesty’s Security Lab did the forensic analyses on the smartphones.

The numbers on the list are unattributed, but reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials — including cabinet ministers, diplomats, and military and security officers. The numbers of several heads of state and prime ministers also appeared on the list.

Among the journalists whose numbers appear on the list, which dates to 2016, are reporters working overseas for several leading news organizations, including a small number from CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times in London and Al Jazeera in Qatar.

The targeting of the 37 smartphones would appear to conflict with the stated purpose of NSO’s licensing of the Pegasus spyware, which the company says is intended only for use in surveilling terrorists and major criminals. The evidence extracted from these smartphones, revealed here for the first time, calls into question pledges by the Israeli company to police its clients for human rights abuses.

The media consortium, titled the Pegasus Project, analyzed the list through interviews and forensic analysis of the phones, and by comparing details with previously reported information about NSO. Amnesty’s Security Lab examined 67 smartphones where attacks were suspected. Of those, 23 were successfully infected and 14 showed signs of attempted penetration.

For the remaining 30, the tests were inconclusive, in several cases because the phones had been replaced. Fifteen of the phones were Android devices, none of which showed evidence of successful infection. However, unlike iPhones, Androids do not log the kinds of information required for Amnesty’s detective work. Three Android phones showed signs of targeting, such as Pegasus-linked SMS messages.

Amnesty shared backup copies of data on four iPhones with Citizen Lab, which confirmed that they showed signs of Pegasus infection. Citizen Lab, a research group at the University of Toronto that specializes in studying Pegasus, also conducted a peer review of Amnesty’s forensic methods and found them to be sound.

In lengthy responses before publication, NSO called the investigation’s findings exaggerated and baseless. It also said it does not operate the spyware licensed to its clients and “has no insight” into their specific intelligence activities.

After publication, NSO chief executive Shalev Hulio expressed concern in a phone interview with The Post about some of the details he had read in Pegasus Project stories Sunday, while continuing to dispute that the list of more than 50,000 phone numbers had anything to do with NSO or Pegasus.

“The company cares about journalists and activists and civil society in general,” Hulio said. “We understand that in some circumstances our customers might misuse the system and, in some cases like we reported in [NSO’s] Transparency and Responsibility Report, we have shut down systems for customers who have misused the system.”

He said that in the past 12 months NSO had terminated two contracts over allegations of human rights abuses, but he declined to name the countries involved.

“Every allegation about misuse of the system is concerning me,” he said. “It violates the trust that we give customers. We are investigating every allegation.”

NSO describes its customers as 60 intelligence, military and law enforcement agencies in 40 countries, although it will not confirm the identities of any of them, citing client confidentiality obligations. The consortium found many of the phone numbers in at least 10 country clusters, which were subjected to deeper analysis: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates. Citizen Lab also has found evidence that all 10 have been clients of NSO, according to Bill Marczak, a senior research fellow.

Forbidden Stories organized the media consortium’s investigation, and Amnesty provided analysis and technical support but had no editorial input. Amnesty has openly criticized NSO’s spyware business and supported an unsuccessful lawsuit against the company in an Israeli court seeking to have its export license revoked. After the investigation began, several reporters in the consortium learned that they or their family members had been successfully attacked with Pegasus spyware.

Beyond the personal intrusions made possible by smartphone surveillance, the widespread use of spyware has emerged as a leading threat to democracies worldwide, critics say. Journalists under surveillance cannot safely gather sensitive news without endangering themselves and their sources. Opposition politicians cannot plot their campaign strategies without those in power anticipating their moves. Human rights workers cannot work with vulnerable people — some of whom are victims of their own governments — without exposing them to renewed abuse.

For example, Amnesty’s forensics found evidence that Pegasus was targeted at the two women closest to Saudi columnist Khashoggi, who wrote for The Post’s Opinions section. The phone of his fiancee, Hatice Cengiz, was successfully infected during the days after his murder in Turkey on Oct. 2, 2018, according to a forensic analysis by Amnesty’s Security Lab. Also on the list were the numbers of two Turkish officials involved in investigating his dismemberment by a Saudi hit team. Khashoggi also had a wife, Hanan Elatr, whose phone was targeted by someone using Pegasus in the months before his killing. Amnesty was unable to determine whether the hack was successful.

“This is nasty software — like eloquently nasty,” said Timothy Summers, a former cybersecurity engineer at a U.S. intelligence agency and now director of IT at Arizona State University. With it “one could spy on almost the entire world population. … There’s not anything wrong with building technologies that allows you to collect data; it’s necessary sometimes. But humanity is not in a place where we can have that much power just accessible to anybody.”

In response to detailed questions from the consortium before publication, NSO said in a statement that it did not operate the spyware it licensed to clients and did not have regular access to the data they gather. The company also said its technologies have helped prevent attacks and bombings and broken up rings that trafficked in drugs, sex and children. “Simply put, NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds,” NSO said. “Your sources have supplied you with information that has no factual basis, as evidenced by the lack of supporting documentation for many of the claims.”

The company denied that its technology was used against Khashoggi, or his relatives or associates.

“As NSO has previously stated, our technology was not associated in any way with the heinous murder of Jamal Khashoggi. This includes listening, monitoring, tracking, or collecting information. We previously investigated this claim, immediately after the heinous murder, which again, is being made without validation.”

Thomas Clare, a libel attorney hired by NSO, said that the consortium had “apparently misinterpreted and mischaracterized crucial source data on which it relied” and that its reporting contained flawed assumptions and factual errors.

“NSO Group has good reason to believe that this list of ‘thousands of phone numbers’ is not a list of numbers targeted by governments using Pegasus, but instead, may be part of a larger list of numbers that might have been used by NSO Group customers for other purposes,” Clare wrote.

In response to follow-up questions, NSO called the 50,000 number “exaggerated” and said it was far too large to represent numbers targeted by its clients. Based on the questions it was being asked, NSO said, it had reason to believe that the consortium was basing its findings “on misleading interpretation of leaked data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers targets of Pegasus or any other NSO products … we still do not see any correlation of these lists to anything related to use of NSO Group technologies.”

The term HLR, or Home Location Register, refers to a database that is essential to operating cellular phone networks. Such registers keep records on the networks of cellphone users and their general locations, along with other identifying information that is used routinely in routing calls and texts. HLR lookup services operate on the SS7 system that cellular carriers use to communicate with each other. The services can be used as a step toward spying on targets.

Telecommunications security expert Karsten Nohl, chief scientist for Security Research Labs in Berlin, said that he does not have direct knowledge of NSO’s systems but that HLR lookups and other SS7 queries are widely and inexpensively used by the surveillance industry — often for just tens of thousands of dollars a year.

“It’s not difficult to get that access. Given the resources of NSO, it’d be crazy to assume that they don’t have SS7 access from at least a dozen countries,” Nohl said. “From a dozen countries, you can spy on the rest of the world.”

Pegasus was engineered a decade ago by Israeli ex-cyberspies with government-honed skills. The Israeli Defense Ministry must approve any license to a government that wants to buy it, according to previous NSO statements.

“As a matter of policy, the State of Israel approves the export of cyber products exclusively to governmental entities, for lawful use, and only for the purpose of preventing and investigating crime and counterterrorism, under end-use/end user certificates provided by the acquiring government,” a spokesperson for the Israeli defense establishment said Sunday. “In cases where exported items are used in violation of export licenses or end-use certificates, appropriate measures are taken.”

The numbers of about a dozen Americans working overseas were discovered on the list, in all but one case while using phones registered to foreign cellular networks. The consortium could not perform forensic analysis on most of these phones. NSO has said for years that its product cannot be used to surveil American phones. The consortium did not find evidence of successful spyware penetration on phones with the U.S. country code.

“We also stand by our previous statements that our products, sold to vetted foreign governments, cannot be used to conduct cybersurveillance within the United States, and no customer has ever been granted technology that would enable them to access phones with U.S. numbers,” the company said in its statement. “It is technologically impossible and reaffirms the fact your sources’ claims have no merit.”

Apple and other smartphone manufacturers are years into a cat-and-mouse game with NSO and other spyware makers.

“Apple unequivocally condemns cyberattacks against journalists, human rights activists and others seeking to make the world a better place,” said Ivan Krstić, head of Apple Security Engineering and Architecture. “For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”

Some Pegasus intrusion techniques detailed in a 2016 report were changed in a matter of hours after they were made public, underscoring NSO’s ability to adapt to countermeasures.

Pegasus is engineered to evade defenses on iPhones and Android devices and to leave few traces of its attack. Familiar privacy measures like strong passwords and encryption offer little help against Pegasus, which can attack phones without any warning to users. It can read anything on a device that a user can, while also stealing photos, recordings, location records, communications, passwords, call logs and social media posts. Spyware also can activate cameras and microphones for real-time surveillance.

“There is just nothing from an encryption standpoint to protect against this,” said Claudio Guarnieri, a.k.a. “Nex,” the Amnesty Security Lab’s 33-year-old Italian researcher who developed and performed the digital forensics on 37 smartphones that showed evidence of Pegasus attacks.

That sense of helplessness makes Guarnieri, who often dresses head-to-toe in black, feel as useless as a 14th-century doctor confronting the Black Plague without any useful medication. “Primarily I’m here just to keep the death count,” he said.

The attack can begin in different ways. It can come from a malicious link in an SMS text message or an iMessage. In some cases, a user must click on the link to start the infection. In recent years, spyware companies have developed what they call “zero-click” attacks, which deliver spyware simply by sending a message to a user’s phone that produces no notification. Users do not even need to touch their phones for infections to begin.

Many countries have laws pertaining to traditional wiretapping and interception of communications, but few have effective safeguards against deeper intrusions made possible by hacking into smartphones. “This is more devious in a sense because it really is no longer about intercepting communications and overhearing conversation. … This covers all of them and goes way beyond that,” Guarnieri said. “It has raised a lot of questions from not only human rights, but even national constitutional laws as to is this even legal?”

Clare, NSO’s attorney, attacked the forensic examinations as “a compilation of speculative and baseless assumptions” built on assumptions based on earlier reports. He also said, “NSO does not have insight into the specific intelligence activities of its customers.”

The Pegasus Project’s findings are similar to previous discoveries by Amnesty, Citizen Lab and news organizations worldwide, but the new reporting offers a detailed view of the personal consequences and scale of surveillance and its abuses.

The consortium analyzed the list and found clusters of numbers with similar country codes and geographical focus that align with previous reporting and additional research about NSO clients overseas. For example, Mexico has been previously identified in published reports and documents as an NSO client, and entries on the list are clustered by Mexican country code, area code and geography. In several cases, clusters also contained numbers from other countries.

In response to questions from reporters, spokespeople for the countries with clusters either denied Pegasus was used or denied that their country had abused their powers of surveillance.

Hungarian Prime Minister Viktor Orban’s office said any surveillance carried out by that nation is done in accordance with the law.

“In Hungary, state bodies authorized to use covert instruments are regularly monitored by governmental and non-governmental institutions,” the office said. “Have you asked the same questions of the governments of the United States of America, the United Kingdom, Germany or France?”

Moroccan authorities responded: “It should be recalled that the unfounded allegations previously published by Amnesty International and conveyed by Forbidden Stories have already been the subject of an official response from the Moroccan authorities, who have categorically rejected these allegations.”

Vincent Biruta, Rwanda’s foreign affairs minister, also denied the use of Pegasus.

“Rwanda does not use this software system, as previously confirmed in November 2019, and does not possess this technical capability in any form,” Biruta said. “These false accusations are part of an ongoing campaign to cause tensions between Rwanda and other countries, and to sow disinformation about Rwanda domestically and internationally.”

‘What a question!’

Some expressed outrage even at the suggestion of spying on journalists.

A reporter for the French daily Le Monde working on the Pegasus Project recently posed such a question to Hungarian Justice Minister Judit Varga during an interview about the legal requirements for eavesdropping:

“If someone asked you to tape a journalist or an opponent, you wouldn’t accept this?”

“What a question!” Varga responded. “This is a provocation in itself!” A day later, her office requested that this question and her answer to it “be erased” from the interview.

In the past, NSO has blamed its client countries for any alleged abuses. NSO released its first “Transparency and Responsibility Report” last month, arguing that its services are essential to law enforcement and intelligence agencies trying to keep up with the 21st century.

“Terror organizations, drug cartels, human traffickers, pedophile rings and other criminal syndicates today exploit off-the-shelf encryption capabilities offered by mobile messaging and communications applications.

“These technologies provide criminals and their networks a safe haven, allowing them to ‘go dark’ and avoid detection, communicating through impenetrable mobile messaging systems. Law enforcement and counterterrorism state agencies around the world have struggled to keep up.”

NSO also said it conducts rigorous reviews of potential customers’ human rights records before contracting with them and investigates reports of abuses, although it did not cite any specific cases. It asserted that it has discontinued contracts with five clients for documented violations and that the company’s due diligence has cost it $100 million in lost revenue. A person familiar with NSO operations who spoke on the condition of anonymity to discuss internal company matters noted that in the last year alone NSO had terminated contracts with Saudi Arabia and Dubai in the United Arab Emirates over human rights concerns.

“Pegasus is very useful for fighting organized crime,” said Guillermo Valdes Castellanos, head of Mexico’s domestic intelligence agency CISEN from 2006 to 2011. “But the total lack of checks and balances [in Mexican agencies] means it easily ends up in private hands and is used for political and personal gain.”

Mexico was NSO’s first overseas client in 2011, less than a year after the firm was founded in Israel’s Silicon Valley, in northern Tel Aviv.

In 2016 and 2017, more than 15,000 Mexicans appeared on the list examined by the media consortium, among them at least 25 reporters working for the country’s major media outlets, according to the records and interviews.

One of them was Carmen Aristegui, one of the most prominent investigative journalists in the country and a regular contributor to CNN. Aristegui, who is routinely threatened for exposing the corruption of Mexican politicians and cartels, was previously revealed as a Pegasus target in several media reports. At the time, she said in a recent interview, her producer was also targeted. The new records and forensics show that Pegasus links were detected on the phone of her personal assistant.

“Pegasus is something that comes to your office, your home, your bed, every corner of your existence,” Aristegui said. “It is a tool that destroys the essential codes of civilization.”

Unlike Aristegui, freelance reporter Cecilio Pineda was unknown outside his violence-wracked southern state of Guerrero. His number appears twice on the list of 50,000. A month after the second listing, he was gunned down while lying in a hammock at a carwash while waiting for his car. It is unclear what role, if any, Pegasus’s ability to geolocate its targets in real time contributed to his murder. Mexico is among the deadliest countries for journalists; 11 were killed in 2017, according to Reporters Without Borders.

“Even if Forbidden Stories were correct that an NSO Group client in Mexico targeted the journalist’s phone number in February 2017, that does not mean that the NSO Group client or data collected by NSO Group software were in any way connected to the journalist’s murder the following month,” Clare, NSO’s lawyer, wrote in his letter to Forbidden Stories. “Correlation does not equal causation, and the gunmen who murdered the journalist could have learned of his location at a public carwash through any number of means not related to NSO Group, its technologies, or its clients.”

Mexico’s Public Security Ministry acknowledged last year that the domestic intelligence agency, CISEN, and the attorney general’s office acquired Pegasus in 2014 and discontinued its use in 2017 when the license expired. Mexican media have also reported that the Defense Ministry used the spyware.

Snowden’s legacy

Today’s thriving international spyware industry dates back decades but got a boost after the unprecedented 2013 disclosure of highly classified National Security Agency documents by contractor Edward Snowden. They revealed that the NSA could obtain the electronic communications of almost anyone because it had secret access to the transnational cables carrying Internet traffic worldwide and data from Internet companies such as Google and giant telecommunications companies such as AT&T.

Even U.S. allies in Europe were shocked by the comprehensive scale of the American digital spying, and many national intelligence agencies set out to improve their own surveillance abilities. For-profit firms staffed with midcareer retirees from intelligence agencies saw a lucrative market-in-waiting free from the government regulations and oversight imposed on other industries.

The dramatic expansion of end-to-end encryption by Google, Microsoft, Facebook, Apple and other major technology firms also prompted law enforcement and intelligence officials to complain they had lost access to the communications of legitimate criminal targets. That in turn sparked more investment in technologies, such as Pegasus, that worked by targeting individual devices.

“When you build a building, you want to make sure the building holds up, so we follow certain protocols,” said Ido Sivan-Sevilla, an expert on cyber governance at the University of Maryland. By promoting the sale of unregulated private surveillance tools, “we encourage building buildings that can be broken into. We are building a monster. We need an international norms treaty that says certain things are not okay.”

Without international standards and rules, there are secret deals between companies like NSO and the countries they service.

The unfettered use of a military-grade spyware such as Pegasus can help governments to suppress civic activism at a time when authoritarianism is on the rise worldwide. It also gives countries without the technical sophistication of such leading nations as the United States, Israel and China the ability to conduct far deeper digital cyberespionage than ever before.

‘Your body stops functioning’

Azerbaijan, a longtime ally of Israel, has been identified as an NSO client by Citizen Lab and others. The country is a family-run kleptocracy with no free elections, no impartial court system and no independent news media. The former Soviet territory has been ruled since the Soviet Union collapsed 30 years ago by the Aliyev family, whose theft of the country’s wealth and money-laundering schemes abroad have resulted in foreign embargoes, international sanctions and criminal indictments.

Despite the difficulties, roughly three dozen Azerbaijani reporters continue to document the family’s corruption. Some are hiding inside the country, but most were forced into exile where they are not so easy to capture. Some work for the Prague-based, U.S.-funded Radio Free Europe/Radio Liberty, which was kicked out of the country in 2015 for its reporting. The others work for an investigative reporting nonprofit called the Organized Crime and Corruption Reporting Project, which is based in Sarajevo, the Bosnian capital, and is one of the partners in the Pegasus Project.

The foremost investigative reporter in the region is Khadija Ismayilova, whom the regime has worked for a decade to silence: It planted a secret camera in her apartment wall, took videos of her having sex with her boyfriend and then posted them on the Internet in 2012; she was arrested in 2014, tried and convicted on trumped-up tax-evasion and other charges, and held in prison cells with hardened criminals. After global outrage and the high-profile intervention of human rights attorney Amal Clooney, she was released in 2016 and put under a travel ban.

“It is important that people see examples of journalists who do not stop because they were threatened,” Ismayilova said in a recent interview. “It’s like a war. You leave your trench, then the attacker comes in. … You have to keep your position, otherwise it will be taken and then you will have less space, less space, the space will be shrinking and then you will find it hard to breathe.”

Last month, her health failing, she was allowed to leave the country. Colleagues arranged to test her smartphone immediately. Forensics by Security Lab determined that Pegasus had attacked and penetrated her device numerous times from March 2019 to as late as May of this year.

She had assumed some kind of surveillance, Ismayilova said, but was still surprised at the number of attacks. “When you think maybe there’s a camera in the toilet, your body stops functioning,” she said. “I went through this, and for eight or nine days I could not use the toilet, anywhere, not even in public places. My body stopped functioning.”

She stopped communicating with people because whoever she spoke with ended up harassed by security services. “You don’t trust anyone, and then you try not to have any long-term plans with your own life because you don’t want any person to have problems because of you.”

Confirmation of the Pegasus penetration galled her. “My family members are also victimized. The sources are victimized. People I’ve been working with, people who told me their private secrets are victimized,” she said. “It’s despicable. … I don’t know who else has been exposed because of me, who else is in danger because of me.”

Is the minister paranoid or sensible?

The fear of widespread surveillance impedes the already difficult mechanics of civic activism.

“Sometimes, that fear is the point,” said John Scott-Railton, a senior researcher at Citizen Lab, who has researched Pegasus extensively. “The psychological hardship and the self-censorship it causes are key tools of modern-day dictators and authoritarians.”

When Siddharth Varadarajan, co-founder of the Wire, an independent online outlet in India, learned that Security Lab’s analysis showed that his phone had been targeted and penetrated by Pegasus, his mind immediately ran through his sensitive sources. He thought about a minister in Prime Minister Narendra Modi’s government who had displayed an unusual concern about surveillance when they met.

The minister first moved the meeting from one location to another at the last moment, then switched off his phone and told Varadarajan to do the same.

Then “the two phones were put in a room and music was put on in that room … and I thought: ‘Boy, this guy is really paranoid. But maybe he was being sensible,'" Varadarajan said in a recent interview.

When forensics showed his phone had been penetrated, he knew the feeling himself. “You feel violated, there’s no doubt about it,” he said. “This is an incredible intrusion, and journalists should not have to deal with this. Nobody should have to deal with this.”

About this project

Priest reported from Ankara, Istanbul and Washington, Timberg from Washington and Mekhennet from Berlin. Michael Birnbaum in Budapest, Mary Beth Sheridan in Mexico City, Joanna Slater in New Delhi, Drew Harwell and Julie Tate in Washington, and Miranda Patrucic from the Organized Crime and Corruption Reporting Project in Sarajevo contributed to this report.

Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International had access to a list of phone numbers concentrated in countries known to surveil their citizens and also known to have been clients of NSO Group. The two nonprofits shared the information with The Washington Post and 15 other news organizations worldwide that have worked collaboratively to conduct further analysis and reporting over several months. Forbidden Stories oversaw the Pegasus Project, and Amnesty International provided forensic analysis but had no editorial input.

More than 80 journalists from Forbidden Stories, The Washington Post, Le Monde, Süddeutsche Zeitung, Die Zeit, the Guardian, Daraj, Direkt36, Le Soir, Knack, Radio France, the Wire, Proceso, Aristegui Noticias, the Organized Crime and Corruption Reporting Project, Haaretz and PBS Frontline joined the effort.

---

Despite the Hype, iPhone Security No Match for NSO Spyware

International investigation finds 23 Apple devices that were successfully hacked

he text delivered last month to the iPhone 11 of Claude Mangin, the French wife of a political activist jailed in Morocco, made no sound. It produced no image. It offered no warning of any kind as an iMessage from somebody she didn’t know delivered malware directly onto her phone — and past Apple’s security systems.

Once inside, the spyware, produced by Israel’s NSO Group and licensed to one of its government clients, went to work, according to a forensic examination of her device by Amnesty International’s Security Lab. It found that between October and June, her phone was hacked multiple times with Pegasus, NSO’s signature surveillance tool, during a time when she was in France.

The examination was unable to reveal what was collected. But the potential was vast: Pegasus can collect emails, call records, social media posts, user passwords, contact lists, pictures, videos, sound recordings and browsing histories, according to security researchers and NSO marketing materials. The spyware can activate cameras or microphones to capture fresh images and recordings. It can listen to calls and voice mails. It can collect location logs of where a user has been and also determine where that user is now, along with data indicating whether the person is stationary or, if moving, in which direction.

And all of this can happen without a user even touching her phone or knowing she has received a mysterious message from an unfamiliar person — in Mangin’s case, a Gmail user going by the name “linakeller2203.”

These kinds of “zero-click” attacks, as they are called within the surveillance industry, can work on even the newest generations of iPhones, after years of effort in which Apple attempted to close the door against unauthorized surveillance — and built marketing campaigns on assertions that it offers better privacy and security than rivals.

Mangin’s number was on a list of more than 50,000 phone numbers from more than 50 countries that The Post and 16 other organizations reviewed. Forbidden Stories, a Paris-based journalism nonprofit, and the human rights group Amnesty International had access to the numbers and shared them with The Post and its partners, in an effort to identify who the numbers belonged to and persuade them to allow the data from their phones to be examined forensically.

For years, Mangin has been waging an international campaign to win freedom for her husband, activist Naama Asfari, a member of the Sahrawi ethnic group and advocate of independence for the Western Sahara who was jailed in 2010 and allegedly tortured by Moroccan police, drawing an international outcry and condemnation from the United Nations.

“When I was in Morocco, I knew policemen were following me everywhere,” Mangin said in a video interview conducted in early July from her home in suburban Paris. “I never imagined this could be possible in France.”

Especially not through the Apple products that she believed would make her safe from spying, she said. The same week she sat for an interview about the hacking of her iPhone 11, a second smartphone she had borrowed — an iPhone 6s — also was infected with Pegasus, a later examination showed.

Researchers have documented iPhone infections with Pegasus dozens of times in recent years, challenging Apple’s reputation for superior security when compared with its leading rivals, which run Android operating systems by Google.

The months-long investigation by The Post and its partners found more evidence to fuel that debate. Amnesty’s Security Lab examined 67 smartphones whose numbers were on the Forbidden Stories list and found forensic evidence of Pegasus infections or attempts at infections in 37. Of those, 34 were iPhones — 23 that showed signs of a successful Pegasus infection and 11 that showed signs of attempted infection.

Only three of the 15 Android phones examined showed evidence of a hacking attempt, but that was probably because Android’s logs are not comprehensive enough to store the information needed for conclusive results, Amnesty’s investigators said.

Still, the number of times Pegasus was successfully implanted on an iPhone underscores the vulnerability of even its latest models. The hacked phones included an iPhone 12 with the latest of Apple’s software updates.

In a separate assessment published Sunday, the University of Toronto’s Citizen Lab endorsed Amnesty’s methodology. Citizen Lab also noted that its previous research had found Pegasus infections on an iPhone 12 Pro Max and two iPhone SE2s, all running 14.0 or more recent versions of the iOS operating system, first released last year.

How Pegasus works

Target: Someone sends what’s known as a trap link to a smartphone that persuades the victim to tap and activate — or activates itself without any input, as in the most sophisticated “zero-click” hacks.

Infect: The spyware captures and copies the phone’s most basic functions, NSO marketing materials show, recording from the cameras and microphone and collecting location data, call logs and contacts.

Track: The implant secretly reports that information to an operative who can use it to map out sensitive details of the victim’s life.

Ivan Krstić, head of Apple Security Engineering and Architecture, defended his company’s security efforts.

“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market,” he said in a statement. “Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”

Apple burnished its reputation for guarding user privacy during its high-profile legal fight with the FBI in 2016 over whether the company could be forced to unlock an iPhone used by one of the attackers in a San Bernardino, Calif., mass shooting the previous year. The FBI ultimately withdrew from the legal clash when it found an Australian cybersecurity firm, Azimuth Security, that could unlock the iPhone 5c without any help from Apple.

Outside researchers praise Apple for its stand — and for continuing to improve its technology with each new generation of iPhones. The company last year quietly introduced BlastDoor, a feature that seeks to prevent malware delivered through iMessages from infecting iPhones, making Pegasus-style attacks more difficult.

The investigation’s conclusions also are likely to fuel a debate about whether tech companies have done enough to shield their customers from unwanted intrusions. The vulnerability of smartphones, and their widespread adoption by journalists, diplomats, human rights activists and businesspeople around the world — as well as criminals and terrorists — has given rise to a robust industry offering commercially available hacking tools to those willing to pay.

NSO, for example, reported $240 million in revenue last year, and there are many other companies that offer similar spyware.

On Sunday, NSO’s chief executive, Shalev Hulio, told The Post that he was upset by the investigation’s reports that phones belonging to journalists, human rights activists and public officials had been targeted with his company’s software, even though he disputed other allegations reported by The Post and its partner news organizations. He promised an investigation. “Every allegation about misuse of the system is concerning to me,” Hulio said. “It violates the trust we are giving the customer.”

Apple is not alone in dealing with potential intrusions. The other major target of Pegasus is Google’s Android operating system, which powers smartphones by Samsung, LG and other manufacturers.

Google spokeswoman Kaylin Trychon said that Google has a threat analysis team that tracks NSO Group and other threat actors and that the company sent more than 4,000 warnings to users each month of attempted infiltrations by attackers, including government-backed ones.

She said the lack of logs that help researchers determine whether an Android device has been attacked was also a security decision.

“While we understand that persistent logs would be more helpful for forensic uses such as the ones described by Amnesty International’s researchers, they also would be helpful to attackers. We continually balance these different needs,” she said.

Advocates say the inability to prevent the hacking of smartphones threatens democracy in scores of nations by undermining newsgathering, political activity and campaigns against human rights abuses. Most nations have little or no effective regulation of the spyware industry or how its tools are used.

“If we’re not protecting them and not providing them with tools to do this dangerous work, then our societies are not going to get better,” said Adrian Shahbaz, director of technology and democracy for Freedom House, a Washington-based pro-democracy think tank. “If everyone is afraid of taking on the powerful because they fear the consequences of it, then that would be disastrous to the state of democracy.”

Hatice Cengiz, the fiancee of slain Washington Post contributing columnist Jamal Khashoggi, said she used an iPhone because she thought it would offer robust protection against hackers.

“Why did they say the iPhone is more safe?” Cengiz said in a June interview in Turkey, where she lives. Her iPhone was among the 23 found to have forensic evidence of successful Pegasus intrusion. The infiltration happened in the days after Khashoggi was killed in October 2018, the examination of her phone found.

NSO said in a statement that it had found no evidence that Cengiz’s phone had been targeted by Pegasus. “Our technology was not associated in any way with the heinous murder of Jamal Khashoggi,” the company said.

A head-to-head comparison of the security of Apple’s and Google’s operating systems and the devices that run them is not possible, but reports of hacks to iPhones have grown in recent years as security researchers have discovered evidence that attackers had found vulnerabilities in such widely used iPhone apps as iMessage, Apple Music, Apple Photos, FaceTime and the Safari browser.

The investigation found that iMessage — the built-in messaging app that allows seamless chatting among iPhone users — played a role in 13 of the 23 successful infiltrations of iPhones. IMessage was also the mode of attack in six of the 11 failed attempts Amnesty’s Security Lab identified through its forensic examinations.

One reason that iMessage has become a vector for attack, security researchers say, is that the app has gradually added features, which inevitably creates more potential vulnerabilities.

“They can’t make iMessage safe,” said Matthew Green, a security and cryptology professor at Johns Hopkins University. “I’m not saying it can’t be fixed, but it’s pretty bad.”

One key issue: IMessage lets strangers send iPhone users messages without any warning to or approval from the recipient, a feature that makes it easier for hackers to take the first steps toward infection without detection. Security researchers have warned about this weakness for years.

“Your iPhone, and a billion other Apple devices out-of-the-box, automatically run famously insecure software to preview iMessages, whether you trust the sender or not,” said security researcher Bill Marczak, a fellow at Citizen Lab, a research institute based at the University of Toronto’s Munk School of Global Affairs & Public Policy. “Any Computer Security 101 student could spot the flaw here.”

Google’s Project Zero, which searches for exploitable bugs across a range of technology offerings and publishes its findings publicly, reported in a series of blog posts last year on vulnerabilities to iMessage.

The encrypted chat app Signal adopted new protections last year requiring user approval when an unfamiliar user attempts to initiate a call or text — a protection Apple has not implemented with iMessage. Users of iPhones can choose to filter unfamiliar users by activating a feature in their devices’ settings, though research for many years has shown that ordinary users of devices or apps rarely take advantage of such granular controls.

In a 2,800-word email responding to questions from The Post that Apple said could not be quoted directly, the company said that iPhones severely restrict the code that an iMessage can run on a device and that it has protections against malware arriving in this way. It said BlastDoor examines Web previews and photos for suspicious content before users can view them but did not elaborate on that process. It did not respond to a question about whether it would consider restricting messages from senders not in a person’s address book.

The Amnesty technical analysis also found evidence that NSO’s clients use commercial Internet service companies, including Amazon Web Services, to deliver Pegasus malware to targeted phones. (Amazon’s executive chairman, Jeff Bezos, owns The Post.)

Kristin Brown, a spokeswoman for Amazon Web Services, said, “When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts.”

Hard lessons

The infiltration of Mangin’s iPhones underscores hard lessons about privacy in the age of smartphones: Nothing held on any device is entirely safe. Spending more for a premium smartphone does not change that fact, especially if some nation’s intelligence or law enforcement agencies want to break in. NSO reported last month that it has 60 government customers in 40 countries, meaning some nations have more than one agency with a contract.

New security measures often exact costs to consumers in terms of ease of use, speed of apps and battery life, prompting internal struggles in many technology companies over whether such performance trade-offs are worth the improved resistance to hacking that such measures provide.

One former Apple employee, who spoke on the condition of anonymity because Apple requires its employees to sign agreements prohibiting them from commenting on nearly all aspects of the company, even after they leave, said it was difficult to communicate with security researchers who reported bugs in Apple products because the company’s marketing department got in the way.

“Marketing could veto everything,” the person said. “We had a whole bunch of canned replies we would use over and over again. It was incredibly annoying and slowed everything down.”

Apple also restricts the access outside researchers have to iOS, the mobile operating system used by iPhones and iPads, in a way that makes investigation of the code more difficult and limits the ability of consumers to discover when they’ve been hacked, researchers say.

In its email response to questions from The Post, Apple said its product marketing team has a say only in some interactions between Apple employees and outside security researchers and only to ensure the company’s messaging about new products is consistent. It said it is committed to giving tools to outside security researchers and touted its Security Research Device Program, in which the company sells iPhones with special software that researchers can use to analyze iOS.

Critics — both inside and outside the company — say Apple also should be more focused on tracking the work of its most sophisticated adversaries, including NSO, to better understand the cutting-edge exploits attackers are developing. These critics say the company’s security team tends to focus more on overall security, by deploying features that thwart most attacks but may fail to stop attacks on people subject to government surveillance — a group that often includes journalists, politicians and human rights activists such as Mangin.

“It’s a situation where you’re always working with an information deficit. You don’t know a whole lot about what’s out there,” said a former Apple engineer, speaking on the condition of anonymity because Apple does not permit former employees to speak publicly without company permission. “When you have a well-resourced adversary, different things are on the table.”

In its email to The Post, Apple said that in recent years it has significantly expanded its security team focused on tracking sophisticated adversaries. Apple said in the email that it is different from its competitors in that it elects not to discuss these efforts publicly, instead focusing on building new protections for its software. Overall, its security team has grown fourfold over the past five years, Apple said.

Apple’s business model relies on the annual release of new iPhones, its flagship product that generates half of its revenue. Each new device, which typically arrives with an updated operating system available to users of older devices, includes many new features — along with what security researchers call new “attack surfaces.”

Current and former Apple employees and people who work with the company say the product release schedule is harrowing, and, because there is little time to vet new products for security flaws, it leads to a proliferation of new bugs that offensive security researchers at companies like NSO Group can use to break into even the newest devices.

In its email to The Post, Apple said it uses automated tools and in-house researchers to catch the vast majority of bugs before they’re released and that it is the best in the industry.

Apple also was a relative latecomer to “bug bounties,” where companies pay independent researchers for finding and disclosing software flaws that could be used by hackers in attacks.

Krstić, Apple’s top security official, pushed for a bug bounty program that was added in 2016, but some independent researchers say they have stopped submitting bugs through the program because Apple tends to pay small rewards and the process can take months or years.

Last week, Nicolas Brunner, an iOS engineer for Swiss Federal Railways, detailed in a blog post how he submitted a bug to Apple that allowed someone to permanently track an iPhone user’s location without their knowledge. He said Apple was uncommunicative, slow to fix the bug and ultimately did not pay him.

Asked about the blog post, an Apple spokesman referred to Apple’s email in which it said its bug bounty program is the best in the industry and that it pays higher rewards than any other company. In 2021 alone, it has paid out millions of dollars to security researchers, the email said.

People familiar with Apple’s security operations say Krstić has improved the situation, but Apple’s security team remains known for keeping a low public profile, declining to make presentations at conferences such as the heavily attended Black Hat cybersecurity conference in Las Vegas each summer, where other tech companies have become fixtures.

Once a bug is reported to Apple, it’s given a color code, said former employees familiar with the process. Red means the bug is being actively exploited by attackers. Orange, the next level down, means the bug is serious but that there is no evidence it has been exploited yet. Orange bugs can take months to fix, and the engineering team, not security, decides when that happens.

Former Apple employees recounted several instances in which bugs that were not believed to be serious were exploited against customers between the time they were reported to Apple and when they were patched.

Apple said in its email that no system is perfect but that it rapidly fixes serious security vulnerabilities and continues to invest in improving its system for assessing the seriousness of bugs.

But outside security researchers say they cannot be sure how many iOS users are exploited because Apple makes it difficult for researchers to analyze the information that would point to exploits.

“I think we’re seeing the tip of the iceberg at the moment,” said Costin Raiu, director of the global research and analysis team at cybersecurity firm Kaspersky Lab. “If you open it up and give people the tools and ability to inspect phones, you have to be ready for the news cycle which will be mostly negative. It takes courage.”