Investigation Finds NSO Malware Being Used By The Bahrain Government To Target Activists And Dissidents

from the truly-unsurprising-development dept

More bad news for Israeli malware purveyor NSO Group. Despite its contradictory and simultaneous claims that it does not allow its customers to abuse its products and that it has no way of monitoring use of its products, more evidence continues to surface that shows the company’s customers are deploying NSO’s malware to target journalists, activists, prominent politicians, and religious leaders.

Citizen Lab — which has uncovered plenty of abusive use of NSO malware previously — has released another report showing an abusive government abusing NSO spyware to spy on activists opposed to the country’s current leadership. The investigation also confirms something NSO has repeatedly denied: that the list of numbers leaked to journalists and investigators is actually a list of potential targets of NSO’s customers. That list included plenty of journalists, activists, politicians, and religious leaders.

Perhaps the most worrying thing about this report is the use of an exploit that bypasses security measures activists would logically adopt: refusing to click on links sent by unknown senders.

We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. Some of the activists were hacked using two zero-click iMessage exploits: the 2020 KISMET exploit and a 2021 exploit that we call FORCEDENTRY.

The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society).

And here’s at least partial confirmation that the leaked list of potential targets has something to do with NSO Group and its customers:

We shared a list of the targeted phone numbers we identified with Forbidden Stories. They confirmed that numbers associated with five of the hacked devices were contained on the Pegasus Project’s list of potential targets of NSO Group’s customers, data that Forbidden Stories and Amnesty International describe as dating from 2016 up to several years ago.

If NSO Group is serious about preventing abuse of its products, the first step it could take is refusing to sell exploits to abusive governments. As Citizen Lab points out, Bahrain’s government has a long history of human rights abuses. While things improved slightly and briefly around the turn of the century, everything reverted back to the abusive mean a decade later, when reforms were rolled back and the government went back to imprisoning and torturing dissidents, critics, and anti-government activists.

And you can’t find people to jail and torture without domestic spying, which the Bahraini government enthusiastically engages in. That apparently includes spying on activists and dissidents who have left the country. The report says two Bahrain citizens who now live in London were hit with NSO malware. But this may have been a proxy hack on behalf of the Bahrain government. Citizen Lab notes it has only seen the Bahrain government deploy malware in its own country or in neighboring Qatar. So, these hacks may have been performed on its behalf by a friendly government with its own set of NSO malware.

In conclusion, NSO Group is complicit in the surveillance, imprisonment, torture, and silencing of activists around the world. The company claims it is selective about who it sells to and that it takes action when there are reports of abuse, but neither of these statements can possibly be true.

While NSO Group regularly attempts to discredit reports of abuse, their customer list includes many notorious misusers of surveillance technology. The sale of Pegasus to Bahrain is particularly egregious, considering that there is significant, longstanding, and documented evidence of Bahrain’s serial misuse of surveillance products including Trovicor, FinFisher, Cellebrite, and, now, NSO Group.

Once again, if NSO’s statements about preventing abuse are going to be taken seriously, the company needs to dump customers with proven track records of human rights abuses. That’s the bare minimum it can do to prevent its exploits from being used to target people governments just don’t like. If these tools have been developed to fight dangerous crime and terrorism, the worst thing to do is place them in the hands of governments whose actions are criminal and often indistinguishable from terrorism.

Filed Under: , , , , , ,
Companies: citizen lab, nso group

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Investigation Finds NSO Malware Being Used By The Bahrain Government To Target Activists And Dissidents”

Subscribe: RSS Leave a comment

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Older Stuff
13:40 It's Great That Winnie The Pooh Is In The Public Domain; But He Should Have Been Free In 1982 (Or Earlier) (35)
12:06 Norton 360 Now Comes With Crypto Mining Capabilities And Sketchy Removal Process (28)
10:45 Chinese Government Dragnet Now Folding In American Social Media Platforms To Silence Dissent (14)
10:40 Daily Deal: The 2022 Ultimate Cybersecurity Analyst Preparation Bundle (0)
09:29 A Fight Between Facebook And The British Medical Journal Highlights The Difficulty Of Moderating 'Medical Misinformation' (9)
06:29 Court Ruling Paves The Way For Better, More Reliable Wi-Fi (4)
20:12 Eighth Circuit (Again) Says There's Nothing Wrong With Detaining Innocent Minors At Gunpoint (15)
15:48 China's Regulatory War On Its Gaming Industry Racks Up 14k Casualties (10)
13:31 Chinese Government Fines Local Car Dealerships For Surveilling While Not Being The Government (5)
12:08 Eric Clapton Pretends To Regret The Decision To Sue Random German Woman Who Listed A Bootleg Of One Of His CDs On Ebay (29)
10:44 ICE Is So Toxic That The DHS's Investigative Wing Is Asking To Be Completely Separated From It (29)
10:39 Daily Deal: The 2022 Complete Raspberry Pi And Arduino Developer Bundle (0)
09:31 Google Blocked An Article About Police From The Intercept... Because The Title Included A Phrase That Was Also A Movie Title (24)
06:22 Wireless Carriers Balk At FAA Demand For 5G Deployment Delays Amid Shaky Safety Concerns (16)
19:53 Tenth Circuit Denies Qualified Immunity To Social Worker Who Fabricated A Mother's Confession Of Child Abuse (35)
15:39 Sci-Hub's Creator Thinks Academic Publishers, Not Her Site, Are The Real Threat To Science, And Says: 'Any Law Against Knowledge Is Fundamentally Unjust' (34)
13:32 Federal Court Tells Proud Boys Defendants That Raiding The Capitol Building Isn't Covered By The First Amendment (25)
12:14 US Courts Realizing They Have A Judge Alan Albright Sized Problem In Waco (17)
10:44 Boston Police Department Used Forfeiture Funds To Hide Purchase Of Surveillance Tech From City Reps (16)
10:39 Daily Deal: The Ultimate Microsoft Excel Training Bundle (0)
09:20 NY Senator Proposes Ridiculously Unconstitutional Social Media Law That Is The Mirror Opposite Of Equally Unconstitutional Laws In Florida & Texas (25)
06:12 Telecom Monopolies Are Exploiting Crappy U.S. Broadband Maps To Block Community Broadband Grant Requests (7)
12:00 Funniest/Most Insightful Comments Of 2021 At Techdirt (17)
10:00 Gaming Like It's 1926: Join The Fourth Annual Public Domain Game Jam (6)
09:00 New Year's Message: The Arc Of The Moral Universe Is A Twisty Path (33)
19:39 DHS, ICE Begin Body Camera Pilot Program With Surprisingly Good Policies In Place (7)
15:29 Remembering Techdirt Contributors Sherwin And Elliot (1)
13:32 DC Metro PD's Powerful Review Panel Keeps Giving Bad Cops Their Jobs Back (6)
12:11 Missouri Governor Still Expects Journalists To Be Prosecuted For Showing How His Admin Leaked Teacher Social Security Numbers (39)
10:48 Oversight Board Overturning Instagram Takedown Of Ayahuasca Post Demonstrates The Impossibility Of Content Moderation (10)
More arrow
This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it