Four Kazakhstan Human Rights Activists’ Phones Infected by Pegasus

Published: 10 December 2021

Illicit HackingFour Kazakhstani human rights activists had their phones infected by the NSO Group’s Pegasus spyware. (Photo: Christoph Scholz, Flickr, License)

By Henry Pope

Four Kazakhstani human rights activists had their phones infected by the NSO Group’s Pegasus spyware, according to a forensic analysis by Amnesty International’s Security Lab released on Thursday.

In a nutshell, Pegasus is designed to intercept and extract information from mobile devices in order to access the user’s private information, calls, messages, and location without their knowledge.

Amnesty International conducted tests on the phones of nine Kazakhstani human rights activists and discovered that four had been infected in June of this year.

The victims all belong to the civil rights movement “Oyan, Qazaqstan” (Wake Up, Kazakhstan).

“This case adds to an already mounting pile of evidence that NSO’s spyware is the weapon of choice for governments seeking to silence social movements and crush dissent,” said Marie Struthers, Amnesty International’s Director for Eastern Europe and Central Asia.

Investigations from earlier this year revealed that senior Kazakhstan government officials have also had their phones targeted by Pegasus.

Included in the list of names is President Kassym Jomart-Tokayev, Prime Minister Askar Mamin, and former prime minister Bakytzhan Sagintayev.

Their phones are among those of nearly 2,000 Kazakhstani citizens who have been targeted by NSO’s clients.

Officials from NSO have refused to confirm or deny whether Kazakhstan’s government was a client, and said they do not have access to any of its clients’ records once they have leased the spyware.

Struthers called the unlawful hacking of the activists’ phones a violation of the “right to freedom of expression and association.”

International investigations into how NSO’s clients have utilized its spyware revealed that many of those targeted are journalists, human rights activists, and people seen as a threat to authoritarian figures’ grip on power.

The Israeli surveillance firm claims that it vets its prospective clientele carefully and sells its spyware “solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts.”

The company has, however, admitted that its spyware has violated “fundamental human rights” recognized by governments and human rights groups, according to court documents.

The fallout from international investigations into how NSO Group’s clientele used its spyware has resulted in governments and human rights organizations calling it a massive threat to privacy rights across the globe.

According to the U.S. Department of Commerce, the Israeli surveillance firm’s spyware has “enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent.”

The ways in which NSO’s clients have used Pegasus have also resulted in the surveillance firm receiving a considerable amount of unwanted legal attention.

On Nov. 3, the United States blacklisted NSO Group and placed it on the ‘Entity List’, which bans the group from any further trade or interaction with U.S. companies.

The Department of Commerce justified its decision by stating that NSO’s activities run “contrary to the national security or foreign policy interests of the United States.”

Shortly afterwards, on Nov. 11, a U.S. appeals court denied NSO's motion to dismiss a lawsuit brought on against them by WhatsApp for allegedly infiltrating its servers to infect 1,400 of its users’ mobile devices with malware.

The Israeli surveillance firm attempted to classify itself as a “foreign agent” and unsuccessfully argued that it should benefit from “foreign sovereign immunity” and therefore be protected from liability.

And before the month was up, Apple filed a lawsuit against NSO Group in an effort to ban them from interfering any further with Apple’s products and services.

The tech company stated in court documents that NSO’s spyware had undermined their security protocols and users’ privacy rights via electronic surveillance and “zero-click” exploits, which can be installed onto the victim's phone without any action or input on their part.