Over 30 Thai activists hacked by Israeli spyware Pegasus

• 

The Israeli NSO Group's Pegasus spyware has preyed on another group of victims: more than 30 Thai activists and their supporters have been found to be in the iron sights of the firm's spyware, civil groups said late Sunday.

The revelation was made as part of Thailand's countrywide campaign, brought to life over a warning from Apple informing iPhone users that they had been targeted.

Apple had warned suspected Pegasus victims in November, which led Thai recipients to contact civic organizations that proceeded to consult iLaw, a local human rights group advocating for a new constitution. The human rights organization then helped locate more victims of the Pegasus spyware.

iLaw identified many of the victims by name in a new report on the spyware, while another came from the Toronto-based Citizen Lab, which found Pegasus to have been the spyware used to hack the devices in 2020 and 2021 after examining digital traces left in the phone.

Amnesty International used a different method to examine some of the phones and found that Citizen Lab's conclusion was in place.

Citizen Lab at the University of Toronto discovered an exploit that allowed NSO users to infect iPhones with the company's Pegasus spyware via a weakness in the iMessage feature.

The victims of the hacks include two iLaw figures, such as the organization's representative, Yingecheep Atchanont, who said he was not surprised to have been a victim of the cyber attack, but the number of times he was hacked.

"I was surprised later when I found out that I was infected so many times during late 2020 and early 2021. That time I was just an observer of the protests, my role is just campaigning on the constitutional amendment," Atchanont told The Washington Post.

New reports on the issue show that a sizeable amount of attacks were carried out at times the targets were involved in rallies demanding constitutional change by elected representatives and protesting against the government's policies.

The reports do not find the Thai government to have been behind the attacks, but Citizen Lab explained that it would be very logical to suspect Thai agencies.

The Thai government has carried out several mass arrest campaigns against activists that criticized its win in the 2019 election. Bangkok has arrested many protest organizers, including some found in the fresh reports to have been hacked.

The Thai government is the main suspect due to NSO's claims that it only sells to government agencies. The group also says it gets the approval of the Israeli occupation's government for each one of its deals.

Apple and Meta have both filed lawsuits accusing NSO of breaking US laws by hacking their platforms and devices, all under the auspices of the Israeli occupation government.

Prior reporting had identified Thailand as a location for surveillance operations, including Pegasus, but the latest reports are distinguished by their explicit naming of victims and providing of context for specific attacks.

"The infections occurred from October 2020 to November 2021, coinciding with a period of widespread pro-democracy protests, and predominantly targeted key figures in the pro-democracy movement," Citizen Lab said. "In numerous cases, multiple members of movements or organizations were infected."

NSO Group had been under fire after an investigation by The Washington Post and 16 media partners found that military-grade spyware leased by the Israeli firm NSO Group to governments was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives, and the two women closest to the murdered Saudi journalist Jamal Khashoggi

In February, according to a whistleblower's confidential disclosure to the Justice Department, the NSO Group offered American mobile-security firm representatives "bags of cash" in exchange for access to global cellular networks.

Israeli NSO Group's spyware, notorious for its usage in many cyberattacks around the world, helped authoritarian governments silence their opposition, journalists, human rights activists, and the heads of other states.

The scandal involved the phones of about 50,000 targets, which included many prominent politicians, businessmen, activists, journalists, and opposition figures around the world.

The FBI had previously confirmed to The Guardian that it had obtained access in 2019 to the controversial spyware that put the Israeli occupation under fire, Pegasus, claiming that the purpose of such purchase was only to test the product and evaluate it.