The United Arab Emirates (UAE) asked an Israeli spyware company to hack into the phones of the Qatari emir, a Saudi prince and Lebanese PM among other political and regional rivals, emails obtained by the New York Times appear to show.
According to a report published on Friday, leaked emails submitted in two lawsuits against the Israel-based NSO Group suggested involvement in illegal spying for clients.
The two lawsuits were filed in ‘Israel’ and Cyprus by a Qatari citizen and Mexican journalists and activists who were targeted by the company’s spyware program, Pegasus.
Emails submitted in the lawsuits showed that the UAE signed a contract to license the company’s surveillance software “as early as August 2013”.
The Emiratis sought to intercept the phone calls of Qatar’s Emir Sheikh Tamim bin Hamad Al Thani in 2014, as well as Saudi Prince Mutaib bin Abdullah – seen as a contender for the throne at the time – and Saad Hariri, Lebanon’s current prime minister.
To activate the spyware on the target’s phone, a text message is sent with a link.
If the target clicks on the link, Pegasus is secretly downloaded to the phone, enabling the user of the technology to gain access to all contact details, text messages, emails and data from online platforms such as Facebook, Skype, WhatsApp, Viber, WeChat and Telegram.
The technology can also monitor phone calls and “potentially even face-to-face conversations conducted nearby”.
According to the New York Times, the lawsuits argue that the NSO Group’s affiliate successfully recorded the calls of a journalist and attempted to spy on foreign government officials at the request of its Emirati customers four years ago.
The hacking of Qatar’s state-run news agency and government social media accounts on May 24, 2017, set into motion a major diplomatic crisis, which saw Saudi Arabia, the UAE, Bahrain and Egypt sever diplomatic relations and cut off land, air, and sea links with Qatar on June 5 last year.
The NSO Group group also sold the surveillance technology to Mexico on condition that it should be used only against criminals and “terrorists”, yet some of the country’s most prominent journalists, academics, human rights lawyers and criminal investigators have been targeted.
On August 1, Amnesty International released a report that said one of its employees was baited with a suspicious WhatsApp message in early June about a protest in front of the Saudi Embassy in Washington, DC.
The London-based human rights organisation said it traced the malicious link to a network of sites tied to the NSO Group.
The company has previously admitted charging customers $650,000 to hack 10 devices, on top of a $500,000 installation fee.