Morocco likely involved in Pegasus hacking 200+ Spanish mobile numbers

• 

200 Spanish mobile numbers were likely targets of surveillance by an NSO Group client believed to be Morocco, according to a Pegasus data leak.

Details of the apparent targeting emerged as Spain's top criminal court launched an investigation into how the mobile phones of Prime Minister Pedro Sánchez and Defense Minister Margarita Robles became infected with Pegasus spyware last year.

The Spanish government has refused to speculate on who may have been behind the "illicit" and "external" attacks, the existence of which was revealed at a hastily convened press conference on Monday.

The Prime Minister is said to have been targeted in May and June of last year, during a particularly tumultuous period in Spanish politics.

50,000+ numbers of individuals picked by Morocco 

According to timestamps in the data, the mobile number selections alleged to have been made by Morocco occurred in 2019. The data comprises more than 50,000 numbers of individuals picked as possible surveillance targets by NSO clients around the world.

Amnesty International revealed that a Spanish mobile number belonging to Aminatou Haidar, a famous human rights activist from Western Sahara, was included in the leaked database and discovered to have been targeted by Pegasus dating back to 2018.

Traces of the Pegasus spyware, which is manufactured by the Israeli company NSO Group, were also discovered on Haidar's second phone as recently as November 2021.

The Pegasus Project database also included a Spanish phone number for journalist Ignacio Cembrero, whose work focuses on the Maghreb.

200 Spanish numbers

The inclusion of over 200 Spanish mobile phone numbers chosen by a client thought to be from Morocco does not imply that each number was targeted or hacked. However, it does indicate that the customer was active in looking for potential targets for monitoring within Spain.

The fact that a number appeared on the leaked list was not indicative of whether that number was targeted for monitoring using Pegasus, according to NSO. NSO also claimed that the database was of "no relevance" to the corporation.

Morocco previously denied spying on foreign leaders with Pegasus and claimed that journalists examining NSO were "unable to prove [the country's] link" with NSO.

However, an examination of the released documents revealed that Morocco appears to have named dozens of French leaders as possible targets for espionage, including President Emmanuel Macron.

According to NSO, their spyware is solely sold to government clients with the alleged aim of investigating "serious crimes and terrorism." It has stated that it is investigating credible complaints of abuse and has categorically denied that Pegasus was ever used to target Macron.

The attacks were revealed as the Spanish government faced further concerns about how Pegasus was reportedly used to monitor scores of Catalan independence movement activists, including the president of the north-eastern Spanish territory, Pere Aragonès, and three of his predecessors.

The Pegasus Project, coordinated by the French non-profit Forbidden Stories, is investigative cooperation comprising 16 media partners, including the Guardian, the Wire, the Washington Post, and Le Monde.