Spanish Govt. Hacked by NSO Pegasus Spyware (or was it?)
The prime minister and the defense minister of Spain were both infected with Pegasus last year. The notorious spyware, sold by NSO Group “only to governments,” was said to have caused large amounts of data to be exfiltrated to persons unknown.
Presidente del Gobierno Pedro Sánchez (pictured) looks a bit confused, and he might be: Critics are accusing his socialist government of trying to distract from a huge scandal—the government is said to have itself used Pegasus to spy on Catalan regional separatists. Why announce this on a public holiday at a hastily convened press conference?
NSO Group is falling back on its usual vacuous drawer statements. In today’s SB Blogwatch, we look further beyond.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: The Batmen.
Dead-Cat Distraction?
¿Que paso? Aritz Parra and Barry Hatton report—“Spain: 2021 spyware attack targeted prime minister’s phone”:
“Government was already under pressure”
The cellphones of Spain’s prime minister and defense minister were infected last year with Pegasus spyware. … Prime Minister Pedro Sánchez’s mobile phone was breached twice in May 2021, and Defense Minister Margarita Robles’ device was targeted once the following month.
…
The breaches … resulted in a significant amount of data being obtained. … The Socialist-led government was during those months under intense scrutiny over its handling of a major foreign policy spat with Morocco and gripped by a tense domestic dispute over the release of jailed separatists from Spain’s restive Catalonia region. … The government was already under pressure to explain why the cellphones of dozens of people connected to the separatist movement … were infected with Pegasus between 2017 and 2020.
¡Hostia! Sam Jones adds—“Will be investigated by Spain’s highest criminal court”:
“Placed on a US blacklist”
The Pegasus spyware [is] sold by the Israeli company NSO Group. [The] manufacturers claim [it] is available only to state agencies.
…
In a hastily convened press conference … Félix Bolaños, the minister for the presidency, said … the “illicit” and “external” targeting would be investigated by Spain’s highest criminal court, the Audiencia Nacional, adding the targeting must have come from abroad. … “These facts have been confirmed and are irrefutable.”
…
NSO Group said in a statement it would investigate “any suspicion of misuse” of its software, and would cooperate with any governmental investigation. [It] claims Pegasus is sold only to governments to track criminals. [It] was placed on a US blacklist in November 2021, three months after a consortium of journalists … revealed multiple cases of journalists and activists who were hacked by foreign governments using the spyware, including American citizens.
The timing is fascinating, as Camille Gijs notes—“Sánchez had phone hacked with Pegasus”:
“At least 65 Catalan politicians and activists were targeted”
During an emergency press conference—on a public holiday in Spain … Bolaños said there was a complete intrusion of the government leaders’ mobile communication by an “external” force. … The spyware has been making headlines in Spain for weeks.
…
A recent investigation reported that at least 65 Catalan politicians and activists were targeted. … On Wednesday, the European Parliament plenary is set to debate the use of the Pegasus software by EU countries.
That investigation came courtesy of Citizen Lab—because of course it did. John Scott-Railton also notes the timing:
Remarkable timing. Just days ago Defense Minister Robles gave a speech appearing to defend use of Pegasus following our Citizen Lab report on hacking of Catalans.
…
The Spanish government’s response to our investigation was interesting. After denials, smears & trolling it had just arrived at the rationalization/justification stage.
…
Then [yesterday’s] bombshell dropped. [And now] a Pegasus commission in Spain’s congress was just vetoed.
A whatnow was vetoed? This Anonymous Coward explains:
Spanish politics are well FUBAR. … There is so much fear about what could go afloat of the Catalangate affair that the Spanish Parliament just voted against a public inquiry about Pegasus.
…
Oh the irony! Only last week or so Ms. Robles, the defence minister, was rather bizarrely trying to justify the breach of Catalan phones.
…
[In] the Spanish press, the dominant theory seems to be that the perpetrators would be the same … in both cases. There is apparently a Spanish deep state that answers to nobody except the memory of their former dictator … Franco.
Doesn’t mean this allegation isn’t true. So says znrt:
[But] making this public clearly aims to downplay the spying on Catalan citizens—specifically on ideological/political grounds. The fact is that governments using Pegasus to spy on political opponents is pretty commonplace abroad.
…
Ironically … trying to weasel out the government from this nth scandal … just underlines that, yes, powers that be in “democratic Spain” are shady enough to even spy on the prime minister and a defense minister who has already followed [their] ultranationalistic whims like trained dogs.
What a mess. Claudio “nex” Guarnieri sums up:
From family members of assassinated journalists, to human rights defenders all over the world, investigative reporters, political oppositions, and heads of states—is this the worst surveillance scandal we’ve had? Democratic freedoms, human rights, national sovereignty, all challenged by the manufacture and use of a single piece of surveillance technology.
…
The status quo is beyond worrisome. Time to act.
Meanwhile, spaceman375 has an unlikely solution:
Time for payback. … Some group should buy a Pegasus license, then use it to spy on the people who produce Pegasus. Prove that they know and are complicit in its use in inappropriate places and ways, and have the whole operation shut down, with jail time.
…
Not bloody likely, but one can hope.
And Finally:
Hat tip: Invisible Wizard
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.
Image sauce: psoe extremadura (cc:by; leveled and cropped)
