Israeli Investigators Review NSO Database In Pegasus Hacking Probe

A high-level Israeli inquiry into alleged warrantless police wiretaps is examining a database provided by NSO Group, maker of the controversial hacking tool Pegasus, according to the country’s Justice Ministry.

NSO Group has come under fire in recent months after reports in Israel and elsewhere that Pegasus was used for privacy violations by government clients, leading to its being placed on a US blacklist in November.

The firm has denied wrongdoing.

The Justice Ministry said on Sunday it is examining NSO’s “audit log” database, which the group said provides accurate information on phones that have been accessed using the tool.

Hacking tool

Israel’s Calcalist newspaper reported last week that police used Pegasus without judicial warrants to investigate public figures including a son and two confidants of former prime minister Benjamin Netanyahu.

The report prompted a court to cancel a session in Netanyahu’s corruption case to look into whether the evidence against him was sourced from illegal wiretaps.

The Justice Ministry said an internal police investigation had found that “no action was taken against anyone in the absence of a court warrant against them”. It said some 1,500 phone numbers were checked against the NSO database.

An inquiry being conducted by a deputy attorney-general “is also checking information in the NSO company’s internal database”, the ministry said. NSO declined to comment.

Last month the New York Times reported that the FBI had bought and tested NSO software, including Pegasus, for years as it considered using it for domestic surveillance, until it finally decided last summer not to deploy the tools.

FBI trials

The FBI bought Pegasus in 2019 and spent two years discussing whether to deploy a newer product, called Phantom, within the United States. Pegasus itself is barred from hacking US +1 phone numbers.

The FBI decided not to use the NSO tools but Pegasus equipment is still housed in a New Jersey building used by the FBI, the Times found.

It reported that NSO had given the agency a demonstration of Phantom, which a brochure reportedly says allows agencies to “turn your target’s smartphone into an intelligence gold mine”.

The FBI acknowledged earlier this month that it had obtained but not used Pegasus.

Following the blacklist in November, NSO Group was reportedly close to defaulting in $500 million (£370m) in loans and was considering shutting down the Pegasus unit or selling it.

Blacklist

The US Commerce Department said last November that it was blacklisting the company and Candiru, another Israeli surveillance firm, “based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers”.

In December Apple said it had notified 11 US diplomats that their iPhones had been hacked using NSO spyware in recent months.

The State Department employees targeted were reportedly using iPhones with foreign telephone numbers that did not use the +1 country code.