Report: Journalists at top media outlets picked by UAE as targets of ‘israeli’ malware

The Guardian and 16 other media organizations collaborated on the investigation into a leaked list of over 50,000 mobile phone numbers selected for possible surveillance by customers of Israeli spyware firm NSO group since 2016.

The number of Lebanese-born Roula Khalaf, who became last year the London-based newspaper’s first-ever female editor, was included in the leaked list.

According to the investigation, the UAE is believed to have selected Khalaf as a possible hacking target in 2018, when she was deputy editor at the FT.

The Guardian revealed that Khalaf was “one of more than 180 journalists” around the world who were selected as possible candidates for surveillance by government clients of NSO.

The investigation also suggested that the UAE is believed to have selected the Egyptian and Qatari phone numbers belonging to Greg Carlstrom, a Middle East reporter at the Economist, as hacking targets.

The leaked data also included a phone number belonging to American journalist Bradley Hope, who at the time of his selection was an employee at the Wall Street Journal.

The UAE is believed to have picked Hope as a possible candidate for surveillance around the same time he was fact-checking a draft of a book on 1MDB, a corruption scandal involving the theft of $4.5bn from the state of Malaysia that led to the ousting of the country’s prime minister, Najib Razak. The investigation suggested the possibility that some of the money had been spent on a luxury yacht, called the Topaz, for Sheikh Mansour, the deputy prime minister of the UAE and a senior member of the Abu Dhabi royal family.

“I think probably the number one thing that anyone targeting my phone would want to know is: who are my sources?” Hope told the Guardian, adding, “They would want to know who it is that is providing this insight.”

The investigation also found that Abu Dhabi may have deployed malware against a further 10,000 phone numbers belonging to activists and lawyers.

Apart from the UAE, the investigation found that the governments of Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda and Saudi Arabia all selected journalists as possible surveillance targets.

Researchers at Citizen Lab at the University of Toronto said they found that in July and August 2020 that operatives linked to Saudi Arabia and the United Arab Emirates used Israeli firm NSO Group’s Pegasus spyware to hack dozens of Qatar-based Al Jazeera journalists.

NSO spyware was also implicated in the gruesome killing of prominent Saudi dissident journalist Jamal Khashoggi, who was murder after visiting the kingdom’s consulate in Turkey’s largest city of Istanbul in October 2018 to collect documents that he needed for a his planned marriage.

US intelligence agencies said in February that the Saudi de facto leader, Crown Prince Mohammed bin Salman, had approved Khashoggi’s death.

Former US National Security Agency contractor and whistle-blower Edward Snowden said Saudi Arabia may have used software made by an Israeli cyber firm to track Khashoggi.

Snowden said that the smartphone of one of Khashoggi’s friends, who was living in exile in Canada, had been infected with Pegasus spyware.

He said the software allowed the Saudis to collect information about Khashoggi, and know his intention and plans.

Pegasus spyware reportedly allows almost unlimited surveillance of mobile phones. It is seen as the world’s most powerful mobile spyware application.