International Investigators Targeted by Spyware Sold to Mexican Government


The parents of 43 missing students from Ayotzinapa teachers school hold their portraits and torches during a march 18 months after their disappearance in Mexico City on April 26, 2016. / AFP / YURI CORTEZ (Photo credit should read YURI CORTEZ/AFP/Getty Images)

In the current atmosphere of cyber crime, hacking and spying, this is an especially egregious example: the international team working in Mexico to uncover the mass disappearance of 43 students was targeted with sophisticated surveillance technology known as Pegasus, a powerful spyware program purchased by the Mexican government.

The spyware—sold only to governments, by the way—was created by the NSO Group, an Israeli company whose current majority owner is a U.S.-based private equity firm, Francisco Partners.

The NSO Group, known as professional spies who can hack iPhones with a single text, had been able to keep its surreptitious work under wraps, until the Citizen Lab discovered last summer that it was supplying the United Arab Emirates (UAE) information about an internationally-recognized human rights defender, Ahmed Mansoor.

Thereafter, NSO’s Israeli employees have continued hacking and spying around the world for countless unsavory governments and companies.

Speaking of which, former national security advisor Michael Flynn worked with firms linked to the NSO Group, while serving as a top campaign adviser to Donald Trump.

Now forensic evidence uncovered by the Citizen Lab and its Mexican collaborators, shows that the Interdisciplinary Group of Independent Experts (GIEI, for its Spanish acronym) was being targeted by NSO’s spyware, in addition to being stonewalled and harassed by the government since they began working there in November 2014.

For example, a cell phone belonging to the main GIEI coordinator was receiving text messages with links directly to NSO’s exploit infrastructure.

The coordinator’s phone was used by nearly all members of the group and was often the main source of communication between the investigators, their sources and their GIEI colleagues based in Washington, D.C.

These phone infections occurred in early March of 2016, shortly after the GIEI criticized the Mexican government for interference in their investigation—and as they were preparing their final report.

The investigators said they received identical text messages on their own phones as well, now known to have been an attempt to lure them to click on links that secretly unlocked their smartphones and turned them into surveillance devices, enabling the spyware to monitor all their calls, emails, text messages, calendars and contacts.

Spyware is effective even against encrypted messages and can turn a phone’s microphone and camera against its unwitting owner.

According to a report in the New York Times, this effort to spy on international officials is part of a sweeping espionage offensive in Mexico, where the country’s most prominent journalists, human rights lawyers and anticorruption activists have been targeted by the very same surveillance technology.

These types of powerful spyware tools are making it increasingly clear that civil society is under threat from the misuse of such devices and techniques.

“You are not just hacking anyone’s phone, you are hacking the phone of someone who has been granted immunity,” said Francisco Cox, one of the investigators and a prominent Chilean lawyer. “They couldn’t even search my bags in the airport.”

“If this can happen to an independent body that has immunity and that is invited by the government, it is a bit scary to think of what could happen to a common citizen in Mexico,” he added.

You can keep up with all of HIGH TIMES’ news right here.