SAN FRANCISCO/WASHINGTON, Nov 7 (Reuters) – Government-backed hackers tried to plant spyware made by NSO Group on the iPhone of an Indian journalist working for the Organized Crime and Corruption Reporting Project (OCCRP) in August, the organization’s co-founder said on Monday.
Analysis of the journalist’s phone showed an infiltration attempt on Aug. 23, OCCRP’s co-founder Drew Sullivan told Reuters. The journalist, Anand Mangnale, was among a series of people in India who received alerts from Apple (AAPL.O) last week warning them that they had been targeted by “state-sponsored” hackers trying to remotely access their iPhones.
Apple’s alerts did not identify the government behind the hacks or the spyware used.
Sullivan said an internal forensic investigation tied the intrusion effort against Mangnale’s phone to Israeli firm NSO’s Pegasus hacking tool. The spyware allows hackers sweeping access to the targets’ smartphones, allowing them to record calls, intercept messages and transform the phones into portable listening devices.
Use of the tool on Mangnale’s phone was “unacceptable and outrageous,” Sullivan said.
“Whatever government is spying on the reporters, there’s no plausible explanation for that other than political gain,” Sullivan said.
OCCRP, a global network of investigative journalists, is known for its sweeping, document-based exposes of corruption and organized crime.
Mangnale, who reports on corporate fraud and government corruption, wasn’t immediately available for comment.
A company that did forensic work for OCCRP on Magnale’s device – an anti-phone-hacking firm called iVerify – said it found a pattern of suspicious crashes on it that matched previously known Pegasus intrusions.
iVerify cofounder Rocky Cole said he could say “with high confidence that this phone was attacked with Pegasus.”
The NSO Group said in an email that it had seen a pattern of organizations “going to the media without conclusive findings,” but didn’t address OCCRP’s specific allegation.
Forensics experts, reporters and human rights workers have alleged the use of Pegasus in other countries too, including on phones of politicians in Poland and journalists in Mexico.
Apple’s recent round of alerts reached more than 20 people in India, most of them opposition politicians, igniting a fresh storm of allegations that New Delhi is using hacking tools against its own citizens just months before a national Indian election is slated to begin.
The Indian government has denied such allegations and last week Information Technology Minister Ashwini Vaishnaw said that the government was investigating the complaints of phone hacking. The Indian Embassy in Washington and Indian government officials in New Delhi didn’t return messages seeking comment on OCCRP’s allegation that its India-based reporter was hacked, or on the status of the government’s investigation into the hacking alerts.
Reporting by Zeba Siddiqui and Raphael Satter; Additional reporting by Munsif Vengattil in Bengaluru; Editing by Rod Nickel
Our Standards: The Thomson Reuters Trust Principles.
Reporter covering cybersecurity, surveillance, and disinformation for Reuters. Work has included investigations into state-sponsored espionage, deepfake-driven propaganda, and mercenary hacking.