Journalists and human rights defenders in Mexico were hacked using spyware made by Israel’s NSO Group as recently as 2021, even after the country’s current government swore it was no longer going to use the hacking software, new research has found.
The alleged victims of the spyware include two journalists who report on issues related to official corruption and a prominent human rights defenders, according to digital rights researchers at R3D (Red en Defensa de Los Derechos Digitales) and The Citizen Lab at the University of Toronto, which tracks such infections.
His statement followed revelations by the Guardian and more than a dozen other media organizations that reported last year that the phone numbers of at least 50 people linked to the Mexican president, popularly known as Amlo – including his wife, children, aides, and doctor – were included in a leaked database at the heart of the Pegasus Project, an investigation into NSO.
The database contained tens of thousands of phone numbers of people who are believed to have been selected as people of interest by government clients of NSO.
The news created a storm in Mexico in part because the extraordinary number of Mexican numbers in the leaked data – about 15,000 individuals including priests, victims of state-sponsored crimes, and the children of high-profile figures – appeared to undermine NSO’s claims that its hacking software should only be used by its government clients to fight serious crime and terrorism.
Mexico was the first country in the world to buy Pegasus, and the software was purchased or operated by various state organs including the defense ministry, the attorney general’s office, and the national security intelligence service (Cisen).
R3D, who received technical support from Citizen Lab, said their new research shows abuses involving Pegasus continued in Mexico.
R3D said its research had led it to conclude with high confidence that the human rights defender Raymundo Ramos was hacked using Pegasus at least three times between August and September 2020. In one case Ramos was found to have been digitally infected with Pegasus after the publication of a video that showed extrajudicial killings of civilians by the Mexican army, which was a case Ramos had discussed in the media.
It also found that journalist Ricardo Raphael, who was reportedly previously targeted and hacked in 2016 and 2017 by a government client of NSO, was hacked using Pegasus again at least three times in 2019 and once in 2020.
Raphael is known for taking on corruption and the nexus between the Mexican government and cartels. When he was first reportedly hacked in 2016, he was reporting on investigations into the forced disappearance of 43 student teachers.
Source: OEM
