![](\"https:\/\/media.wired.com\/photos\/61df7250e365ac4c375307ab\/master\/pass\/Security-NSO-El-Salvador-966235602.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Lily Hay Newman| Date: Thu, 13 Jan 2022 02:00:18 +0000<\/strong><\/p>\n Lily Hay Newman<\/a><\/span><\/span><\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n To revist this article, visit My Profile, then View saved stories<\/a>.<\/p>\n The Israeli spyware<\/span> developer NSO Group<\/a> has long claimed plausible deniability when it comes to misuse of its powerful targeted surveillance tools. Yet despite its protestations\u2014and increased scrutiny from tech companies and regulators alike\u2014the abuses continue. The latest revelation comes from El Salvador, where NSO's Pegasus malware was found on 37 devices belonging to 35 journalists and activists as recently as November of last year.\u00a0<\/p>\n Those findings, jointly<\/a> published<\/a> by<\/a> a consortium of digital rights organizations, show that despite NSO Group's insistence that its products are used to track criminals and terrorists, governments continue to deploy them against innocent targets\u2014and that NSO has done little to rein in its clients.\u00a0<\/p>\n Twenty-three of the infected devices belong to journalists connected to the Salvadoran news site El Faro. Three other compromised devices belong to people associated with the publication Gato Encerrado<\/em>. Both have published reporting critical of El Salvador's government and have faced retaliation, like being barred from various government press conferences and, El Faro has said, being subjected to invasive financial audits and accusations of tax evasion. Salvadoran president Nayib Bukele and his administration have been broadly hostile to the media; in early 2021, the Inter-American Commission on Human Rights granted precautionary measures<\/a> for 34 El Faro journalists thought to be at risk of human rights violations as a result of their work.<\/p>\n Other confirmed targets of the Pegasus hacking spree include devices connected to Salvadoran publications La Prensa Gra\u0301fica<\/em>, Revista Digital Disruptiva<\/em>, El Diario de Hoy<\/em>, and El Diario El Mundo<\/em>, plus those of two independent reporters. The campaign also hit devices linked to local nongovernmental organizations, including Cristosal, Fundacio\u0301n Democracia, and Transparencia y Justicia. Notably, the researchers found that some devices were infected with Pegasus more than 40 times. El Faro said<\/a> on November 23 that Apple had alerted 12 of its journalists to the possibility that their devices had been targeted with Pegasus spyware. The Association of Journalists of El Salvador announced a day later that a total of 23 journalists from different newsrooms received the same information. Others who received Apple's Pegasus targeting notifications include parliamentarian Jhonny Wright Sol and He\u0301ctor Silva, a San Salvador local councilor.<\/p>\n \u201cIt was quite shocking, to be honest, given the scale and the persistence of the infections in terms of one person being targeted multiple times,\u201d says Natalia Krapiva, tech legal counsel at Access Now, one of the organizations that investigated the campaign. \u201cThe technology gives access to everything you\u2019re doing on your phone, and we've heard NSO say many times that they would take action to implement human rights policies. Governments are also not being transparent about the purchase and use of this spyware. They should be accountable. Surveillance of civil societies with these tools shouldn\u2019t be the norm.\u201d<\/p>\n Pegasus, which NSO has developed for both Apple's iOS mobile operating system and Google's Android OS, can be used to track a victim device's location, exfiltrate data like text messages and emails, activate the microphone and camera, and more.<\/p>\n \u201cNSO is a software provider, the company does not operate the technology or is privy to the collected data,\u201d NSO Group said in a statement. \u201cThe company does not and cannot know who the targets of its customers are, yet implements measures to ensure that these systems are used solely for the authorized uses. NSO\u2019s firm stance on these issues is that the use of cyber tools in order to monitor dissidents, activists and journalists is a severe misuse of any technology and goes against the desired use of such critical tools.\u201d<\/p>\n The company added, \u201cThere is no active system in El Salvador.\u201d<\/p>\n The consortium of organizations that conducted the research also includes Front Line Defenders, University of Toronto's Citizen Lab, Amnesty International, Fundacio\u0301n Acceso, and SocialTIC. This is the first time Pegasus use has been confirmed in El Salvador, and it is one of the first examples in South and Central America in general. International investigators found in 2017<\/a> that the Mexican government was using Pegasus. The group does not attribute the Salvadoran hacking to a specific actor, but notes that NSO Group claims its customers are governments and their law enforcement agencies. Researchers at Citizen Lab found evidence that the campaign operator is focused solely on domestic targets in El Salvador.<\/p>\n \u201cIf Mexico was dramatic, this one is jaw-dropping,\u201d says John Scott-Railton, senior researcher at Citizen Lab, \u201cbecause what we found was this incredibly extensive, pervasive, and aggressive targeting of media in El Salvador. And that targeting is very much paired with other threats against media there.\u201d\u00a0<\/p>\n AccessNow's Krapiva points out that the timing of the campaign in El Salvador underscores how hollow NSO Group's defense of its products has been. In July, for example, Amnesty International and other organizations published extensive findings known as the Pegasus Project, detailing forensic evidence<\/a> that NSO spyware was being abused by governments worldwide and that Hungary, India, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates among others might be NSO customers. The findings prompted numerous condemnations of the use of Pegasus or other invasive spyware and calls for a moratorium on the use of NSO tools. At the beginning of November when the Salvadoran targeting was still ongoing, the United States Treasury put NSO Group on its entity list<\/a>.<\/p>\n NSO has faced significant other pushback as well, including lawsuits by Apple and the Meta-owned secure messaging platform WhatsApp<\/a>.<\/p>\n \u201cNSO says it\u2019s like the car dealer, it just sells the car,\u201d Citizen Lab's Scott-Railton says. \u201cBut in the case of El Salvador, if indeed this was the El Salvador government, you have a pretty good idea of who you're dealing with. And in general this shows that if you thought that this kind of thing only happened in a dictatorship, Pegasus is the gas on the authoritarian fire.\u201d<\/p>\n NSO Group has reportedly faltered in recent months as the backlash against it grows, but the researchers emphasize that the company is far from<\/a> the only commodity spyware maker serving rogue clientele.\u00a0<\/p>\n \u201cThis is important," AccessNow's Krapiva says. \u201cThere needs to be accountability and consequences for the companies that are providing these technologies and the governments that are using them.\u201d<\/p>\n