Pegasus Spyware Found On Journalists' Phones, French Intelligence Confirms (theguardian.com) 50
French intelligence investigators have confirmed that Pegasus spyware has been found on the phones of three journalists, including a senior member of staff at the country's international television station France 24. Pegasus is the hacking software -- or spyware -- that is developed, marketed and licensed to governments around the world by NSO Group. The malware has the capability to infect billions of phones running either iOS or Android operating systems. It enables operators of the spyware to extract messages, photos and emails, record calls and secretly activate microphones. The Guardian reports: It is the first time an independent and official authority has corroborated the findings of an international investigation by the Pegasus project -- a consortium of 17 media outlets, including the Guardian. Forbidden Stories, a Paris-based nonprofit media organization, and Amnesty International initially had access to a leaked list of 50,000 numbers that, it is believed, have been identified as those of people of interest by clients of Israeli firm NSO Group since 2016, and shared access with their media partners.
France's national agency for information systems security (Anssi) identified digital traces of NSO Group's hacking spyware on the television journalist's phone and relayed its findings to the Paris public prosecutor's office, which is overseeing the investigation into possible hacking. Anssi also found Pegasus on telephones belonging to Lenaig Bredoux, an investigative journalist at the French investigative website Mediapart, and the site's director, Edwy Plenel. Forbidden Stories believes at least 180 journalists worldwide may have been selected as people of interest in advance of possible surveillance by government clients of NSO.
Le Monde reported that the France 24 journalist, based in Paris, had been selected for "eventually putting under surveillance." Police experts discovered the spyware had been used to target the journalist's phone three times: in May 2019, September 2020 and January 2021, the paper said. Bredoux told the Guardian that investigators had found traces of Pegasus spyware on both her and Plenel's mobile phones. She said the confirmation of long-held suspicions that they had been targeted contradicted the repeated denials of those who were believed to be behind the attempt to spy on them.
France's national agency for information systems security (Anssi) identified digital traces of NSO Group's hacking spyware on the television journalist's phone and relayed its findings to the Paris public prosecutor's office, which is overseeing the investigation into possible hacking. Anssi also found Pegasus on telephones belonging to Lenaig Bredoux, an investigative journalist at the French investigative website Mediapart, and the site's director, Edwy Plenel. Forbidden Stories believes at least 180 journalists worldwide may have been selected as people of interest in advance of possible surveillance by government clients of NSO.
Le Monde reported that the France 24 journalist, based in Paris, had been selected for "eventually putting under surveillance." Police experts discovered the spyware had been used to target the journalist's phone three times: in May 2019, September 2020 and January 2021, the paper said. Bredoux told the Guardian that investigators had found traces of Pegasus spyware on both her and Plenel's mobile phones. She said the confirmation of long-held suspicions that they had been targeted contradicted the repeated denials of those who were believed to be behind the attempt to spy on them.
Re:Stupid BeauHD (Score:5, Informative)
The story says Morocco
Re: (Score:2)
It seems unlikely since I've been fully vaccinated for awhile and didn't have any side effects at all from the vaccine.
And I got autographs from Ponch and Jon when they installed my CHiP.
Re: (Score:2)
American spyware, Russian spyware... ALL MADE IN TAIWAN!
I don't get it sometimes. (Score:2)
Re: (Score:2)
Re: (Score:1)
All about extortion, act of crime, who were the perpetrators, lets see, who was behind Mr Epstein and his extortion program, the CIA and the Mossad. So how effective was the extortion program, how out of character were some decisions of politicians around the globe favouring Israel, pretty much red flag every single one of them.
Re:I don't get it sometimes. (Score:4, Informative)
Because Morocco is their ally, and they're hacking the French journalists to uncover links to and information about their local journalists, who they actively oppress.
So it isn't really an "act of war" type of situation in the first place. It is a "diplomatic incident" type situation.
And, it is considered a diplomatic incident. French relations with both Morocco and Israel have been harmed by this.
Re: (Score:2)
Why shouldn't we consider governments spying on Journalists an act of War against the people?
Re: (Score:2)
Re: (Score:2)
Because they are doing the same thing....
Re: (Score:2)
How is this not considered an act of war?
It is but most people are dense that there is a real war of the oligarchs against the masses, and the upper class is fearful and weirded out by the internet allowing free flow of information. See here by former national security advisor of the United states, Zbigniew Brezinski:
https://www.youtube.com/watch?... [youtube.com]
Re: (Score:2)
"How is this not considered an act of war?"
When the 'acts-of-war'-dictionary was written, even planes weren't invented yet.
So give them time, one or two hundred years.
We really need hardware switches (Score:5, Insightful)
We really need hardware switches for both the camera and microphone. If an application wants to use either, it detects the hardware is disabled and asks the user to enable it physically.
But no...., all the fucking phones need to look like a smooth glass slab with no tactile features whatsoever - except a stupid bump in the back for the cameras instead of just making the whole thing as thick as the bump and increase the battery size at the same time.
Re: (Score:3)
We don't even have such hardware switch for (nearly any) laptops, when laptops have so much spare space for the tiny switch.
For phone, such switch, if possible, will be part of accept phone call procedure. Because it is NOT okay for the phone to auto accept phone call when that hardware switch is on, the normal accept phone call procedure on such phone might be two-stepped. Such extra inconveinence will probably be unpopular to most people who don't care much about privacy. (Or maybe some extra detection
Re: (Score:3)
Reputable new laptops have a cover that slides over the camera.
Even the thin ones like the Thinkpad Yoga
Re: (Score:3)
Reputable new laptops have a cover that slides over the camera.
Even the thin ones like the Thinkpad Yoga
Do you know camera cover is easy to DIY? It is always the microphone that's the problem. (If one worry DIY'd camera cover is not safe, those first-party camera cover aren't any safer either)
Re: (Score:2)
"Do you know" Thinkpads have hardware mute, you mute it with the media button and the OS can't turn it on if it wants to.
And as for DIY, you can open up the case and fix the problem in a variety of ways if you want. Assuming you bought something that can be opened, of course. But if you're talking DIY, that's on you to buy things that are repairable.
Look at your userid. Look at my userid. Fuck off with the "do you know."
Re: (Score:2)
Oh you trusting soul. You actually think pressing a button that changes a setting in the software can't be bypassed? The whole Pegasus software package is designed to bypass all those security settings you rely on. Activating the microphone without changing the status on the display would be trivial for the software that is running at a system level.
If you want more proof, just run a software utility that replaces the function of that button to something else like starting your browser. So much for "har
Re: (Score:2)
Well, you could do it right like hardwiring the camera status LED into the cameras power circuit. But I remember when several cameras that were designed like that screwed up with some circuitry and that could be fooled, too. (if someone remembers that too, sorry I forgot the details)
Re: We really need hardware switches (Score:2)
Re: (Score:3)
With Thinkpads the camera has a physical cover, so the lack of an indicator isn't a big deal. Though mine does have an indicator LED.
But the hardware mic mute does have an LED, on the keyboard media button. If you turn it back on in software, the mute light turns off. The idea that it is trivial to bypass the BIOS-equivalent is just stupid-sauce from some moron who doesn't understand what "system level" would mean.
If you change what the button does... the mute LED would not turn on. Duh. The LED is connecte
Re: (Score:2)
Yeah, nice try. If the mute LED was connected to the chip enable pin, you wouldn't be able to mute the mic and still listen to sound from your speakers.
I'm impressed that you have seen the logic diagram of the hardware codec chip and the wiring diagram of the laptop's status display LEDs. Is the CE pin an active high or active low enable? Is the anode of the LED connected to the CE line or the cathode? Is there a pull-up resister inline or does the CE signal also supply the ground for the LED?
If the LED
Re: (Score:2)
That's right, when you use the hardware mute it mutes both the mic and the speakers.
But not bluetooth, if you're using bluetooth speakers. It does mute the headphone jack, though.
I think you made up
And I think you're a fucking moron who can't figure out than I'm an electronics engineer who designs mixed circuits and writes firmware.
Do you think I'm impressed that you wrote some very simple software... over 20 years ago?
Do you know why I know the LED is connected to the audio codec? Because I was curious and looked at the fuck
Re: (Score:2)
We used to be able to decide ourselves to switch on the computer. It's obscene how the control we have over a windows machine has been systematically reduced and we've become a client who logs on.
Re: (Score:2)
We used to be able to decide ourselves to switch on the computer. It's obscene how the control we have over a windows machine has been systematically reduced and we've become a product who logs on.
FTFY
Re:We really need hardware switches (Score:4, Informative)
Pinephones [pine64.org] have them [pine64.org].
Re: (Score:1)
Just buy a case (Score:2)
Re: (Score:2)
That won't solve the problem. Eventually you have to connect - when you do the spyware is waiting. This is, in fact, exactly why they want to compromise your phone. The government people who originally paid for this stuff already have access to your phone calls through the network. What they want is the other stuff.
Re: (Score:2)
Marketing.
When "ours is 2 mm thinner than the others" is part of your marketing, then nonsense like that happens.
I've never bought a phone with a bump. It's the pinnacle of stupidity to design a product like that. I'm staying on my iPhone SE among other things for that reason.
It's not like reverse engineering isn't a thing. (Score:1)
Re: (Score:2)
They've already started doing that and the Russian and Chinese hackers used NSA malware against the USA. In fact the whole point of this story is that NSO sold Pegasus spyware to organisations without proper oversight.
Re: (Score:2)
Isn't it funny how all the "oversight" always "fails" in these markets? Spy tools, weapons, you name it...
Re: (Score:2)
I can't wait for your hilarious interpretation of what 'proper oversight' is supposed to mean.
I'm sure the NSA have their interpretation though. The NSO should not bypass the NSA. Period. End of NSO.
Re: (Score:2)
I can't wait for your hilarious interpretation of what 'proper oversight' is supposed to mean.
I'm sure the NSA have their interpretation though. The NSO should not bypass the NSA. Period. End of NSO.
Well, I think "proper oversight" depends who you are and in what circumstances. For example, I, as a citizen of a democracy think that "proper oversight" means that hacking of phones should happen either a) after a court order from a judge within an effective legal system which follows the rule of law (this rules out, for example, judges in Belorussia). or b) in a proper espionage situation against an enemy nation which has not properly agreed to follow the laws of my country.
However, in this case I meant
Re: (Score:2)
I'd like to see what judge will approve hacking a journalist.
NSO does not distinguish between domestic spying on opponents or journalist and international spying. In this case it is international spying on journalists. So there is nothing legal about it, French wimps or not.
NSA cares about oversight in that they should be in control. NSO was going off on their own. That makes them the NSA prime candidate for releasing the list. I wonder if NSO has such a list. They may not want to know.
NSO isn't the only Is
Re: (Score:2)
I'd like to see what judge will approve hacking a journalist.
Well here's one where the Trump regime got a judge to approve hacking a journalists phone records [cnn.com].
NSO does not distinguish between domestic spying on opponents or journalist and international spying. In this case it is international spying on journalists. So there is nothing legal about it, French wimps or not.
The spying was approved by the Moroccan government. Presumably they decide it's legal. Doesn't make it legal elsewhere of course.
Re: (Score:2)
You're right, the meaning of 'legal' seems to be rather flexible.
NSO have some explaining to do (Score:1)
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
Re: NSO have some explaining to do (Score:2)
Isn't it cloud software? I assume they only hand out the listening software and keep the attack software private.
Re: NSO have some explaining to do (Score:2)
I assume they have procedures to keep some plausible deniability, mossad might have a backdoor but NSO is going to keep intentionally ignorant of targets to avoid liability as much as possible.
I wonder... (Score:1)
If anyone is going to sue that company for creating this?
Of course not, since they are from the chosen ones, they are untouchable and do no wrong.