Saudi Arabia doesn’t officially recognize Israel, but its hackers are reportedly using Israeli spyware to target dissidents in foreign countries
By Caitlin Foster,
Pegasus, the invasive spyware developed by the Israeli company NSO Group, uses “exploit links” to infiltrate targets’ phones and retrieve data.
Canadian research laboratory Citizen Lab says its uncovered forensic evidence that Saudi Arabian operators used Israeli technology to spy on dissidents in foreign countries.
In a report published in early October, lab researchers outlined how they discovered the NSO group’s spyware on the cell phone of Omar Abdulaziz, an outspoken critic of Saudi Arabia who is currently living in Canada. The research group has been keeping tabs on Pegasus since 2016, when it initially exposed the spyware and connected it to the Israeli cyber company NSO Group.
The spyware is activated when its target clicks on an “exploit link.” Usually sent via text message, the link allows spyware operators to exploit a wide range of data and activity, including emails, messages, and contact lists. Operators can even capture activity, including conversations, using the phone’s camera.
Abdulaziz, who is attending McGill University in Montreal, Quebec, received a text message with a fake package tracking link in the summer of 2018. Citizen Lab, which had been keeping tabs on Pegasus operators and activity, discovered the link through his use of the university’s wifi network.
The Canadian asylee has been a sharp critic of Saudi Arabia; he runs a satirical YouTube channel dedicated to airing his grievances over the kingdom’s human rights record and helps students apply for asylum. In August 2018, Abdulaziz’s brother and several friends were arrested — in what he says was an attempt to silence him.
Citizen Lab discovered the spyware operating on the university’s network and identified its Saudi-based operator. An initial hypothesis — that the operator would be exploiting a Saudi dissident — led them to Abdulaziz.
The lab has so far identified 36 Pegasus operators in 45 countries. Saudi Arabia is one of the nations using the technology to target civil society. In its reports, Citizen Lab refers to the Saudi-based operator as “Kingdom.”