WhatsApp: Scores of activists targeted with NSO spyware

Responding to a statement by WhatsApp on Tuesday that spyware produced by the Israeli firm NSO Group was used to target more than 100 human rights activists, Danna Ingleton, Deputy Director of Amnesty Tech, said:

“These latest revelations underscore that NSO Group continues to profit from its spyware products being used to intimidate, track, and punish scores of human rights defenders across the globe, including the Kingdom of Bahrain, the United Arab Emirates and Mexico. WhatsApp deserves credit for their tough stance against these malicious attacks, including their efforts to hold NSO to account in the courts.  

The safest way to stop NSO’s spyware products reaching governments who plan to misuse them is to revoke the company’s export license.

Danna Ingleton, Deputy Director of Amnesty Tech

“NSO says its spyware is solely intended to ‘prevent crime and terrorism’, but instead the firm’s invasive surveillance tools are being used to commit human rights abuses.

“The safest way to stop NSO’s spyware products reaching governments who plan to misuse them is to revoke the company’s export license. This is why next week, Amnesty International is supporting a legal case in Tel Aviv District Court to force the Israeli Ministry of Defence to do exactly that.”

Background

On Tuesday, WhatsApp said NSO spyware was used to exploit a vulnerability in the app to target approximately 1,400 people between approximately April 2019 and May 2019.  One hundred of those targeted were human rights defenders according to WhatsApp, in countries around the world. The vulnerability, first published about in May, allowed attackers to install spyware by calling the target using WhatsApp.

Next Thursday, 7 November, the Tel Aviv’s District Court is due to hear a legal case arguing that Israel’s Ministry of Defence (MoD) should revoke NSO Groups export licence. The company’s Pegasus software has been used to target journalists and activists across the globe – including in Morocco, Saudi Arabia, Mexico and the United Arab Emirates. An Amnesty International staff member was also targeted using NSO malware.    
The legal action is being brought by approximately 30 members and supporters of Amnesty International Israel and others from the human rights community. The action is supported by Amnesty International as part of a joint project with New York University (NYU) School of Law’s Bernstein Institute for Human Rights and Global Justice Clinic, which seeks justice for human rights defenders targeted with malicious software.

Earlier this month, Amnesty International uncovered targeted digital attacks using Pegasus against two prominent Moroccan human rights defenders – academic and activist Maati Monjib, and human rights lawyer Abdessadak El Bouchattaoui.