Jordan Using Israeli Made Spyware to Monitor Lawyers, Journalists

Rights Group Says Jordan Likely Using Pegasus Spyware

Jordan is allegedly making widespread use of the Israel-developed spyware known as Pegasus to monitor journalists, activists, human rights lawyers, and the non-governmental sector, according to a new report, said UPI News.

CISA Warns Google Chrome, Excel Users About Two New Hacking Exploits; Federal Agencies Urged To Take Action
An engineer from the Israeli company "Commun.it" uses his expertise in social media commercial analysis to identify networks of fake users during at the group's office in the Israeli city of Bnei Brak near Tel Aviv on January 23, 2019. JACK GUEZ/AFP via Getty Images

A news release from the non-profit Access Now states at least 35 people had their phones hacked and infected with the spyware in the last four years amid a "backdrop of escalating crackdowns on civic space and press freedoms in Jordan."

Among those targeted are two Human Rights Watch staff based in Jordan. The confirmation comes from an internal forensic lab analysis in collaboration with Amnesty International's Security Lab and sixteen journalists and media workers.

Hala Ahed, one of eight human rights lawyers, learned that her phone was first infected three years ago. Occasionally, agents targeted them and pretended to be journalists seeking interview or comment requests to fool victims into receiving the "zero-click" Pegasus spyware via messages.

Who Else Was Victimized?

The Associated Press reported Human Rights Watch's deputy director for the region, Adam Coogle, was also a target. In an interview with the AP, he said it was difficult to imagine who other than Jordan's government would be interested in hacking those affected.

In a 2022 report detailing a much smaller group of Pegasus victims in Jordan, digital sleuths at the University of Toronto's Citizen Lab identified two operators of the spyware may have been agents of the Jordanian government. A year earlier, Axios reported on negotiations between Jordan's government and NSO Group, revealed the AP.

"We believe this is just the tip of the iceberg when it comes to the use of Pegasus spyware in Jordan and that the true number of victims is likely much higher," Access Now said. Its Middle East and North Africa director, Marwa Fatafta, said at least 30 of 35 known targeted individuals were successfully hacked.

Citizen Lab confirmed all but five infections, with twenty-one asking to remain anonymous. The rest were identified by Human Rights Watch, Amnesty International's Security Lab, and the Organized Crime and Corruption Reporting Project.

Responding to the accusation, Israel's NSO Group said it only sells to vetted intelligence and law enforcement agencies, mainly for use against terrorists and serious criminals. However, cybersecurity researchers who have tracked the spyware's use in forty-five countries have documented dozens of cases of politically motivated abuse of the spyware from Mexico to Thailand, Poland, and Saudia Arabia.

An NSO Group spokesperson told the AP the company would not confirm or deny its clients' identities. NSO Group says it vets customers and investigates any report of spyware abuse.

The United States government black-listed the NSO Group in November after Apple Inc. sued it, calling its employees "amoral 21st-century mercenaries who have created highly sophisticated cyber-surveillance machinery that invites routine and flagrant abuse."

Another incident that has come to light is veteran Palestinian-American journalist and columnist Daoud Kuttab, who was hacked with the spyware three times between February 2022 and September 2023.

Kuttab refused to speculate about who might have targeted him.

"I always assume that somebody is listening to my conversations," he said, as getting surveilled "comes with the territory" when you are a journalist in the Middle East. But Kuttab does worry about his sources being compromised by hacks - and the violation of his privacy.

"Regardless of who did it, it's not right to intervene in my personal, family privacy and my professional privacy."

Human Rights Watch said in a statement Thursday that it had contacted NSO Group about the attacks and specifically asked it to investigate the hack of Coogle's device "but has received no substantive response to these inquiries."

The Jordanian government has yet to comment.

Tags
Jordan, Israel, Human rights watch, Amnesty International
Real Time Analytics