Senior clergy among Togo activists said targeted by Israeli spyware

Anti-government figures, including top members of church, reportedly have phones hacked with NSO Group software; watchdog says unlikely firm can claim they are legitimate targets

An Israeli woman uses her phone in front of a building in Herzliya that housed the NSO Group intelligence firm, August 28, 2016. (Jack Guez/AFP/File)
An Israeli woman uses her phone in front of a building in Herzliya that housed the NSO Group intelligence firm, August 28, 2016. (Jack Guez/AFP/File)

Two senior members of the Church were among a number of Togo anti-government activists who were targeted using software made by Israel’s NSO Group, the Guardian reported on Monday.

According to the newspaper, it was the first known case of the spyware being used on members of the clergy.

A joint investigation by the Guardian and the French newspaper Le Monde revealed that Bishop Benoit Alowonou and five other critics of the government in the West African country were among those alerted by WhatsApp last year that their cellphones had been targeted.

WhatsApp believed the attacks occurred in April and May last year, over a two-week period, with 1,400 users allegedly targeted by the Pegasus spyware sold by NSO.

Four of the targets in Togo agreed to be named by the newspapers: Bishop Alowonou; Pierre Chanel Affognon, a priest; Raymond Houndjo, who is a close associate of a leading opposition politician; and former government minister Elliott Ohin of the opposition party.

Togo has faced criticism from human rights organizations, which condemn government crackdowns and decry what they say is the repeated abuse of political opponents and activists.

Some of the victims told the Guardian that they believed the government was responsible for using the spyware on their phones, although there was no official accusation made.

A senior researcher at an internet watchdog told the Guardian that the targeting of clergy and government opposition activists was “deeply troubling” and that he did not believe NSO could claim the spyware had been legitimately deployed.

John Scott-Railton, a senior researcher at the Citizen Lab, an internet watchdog group, January 17, 2019, in New York (AP Photo/Kathy Willens)

“At this time, Citizen Lab is not conclusively stating which government is responsible for this attack,” said John Scott-Railton. “But the fact that these individuals are all either opposition party members or otherwise critical of the government is troubling.”

Scott-Railton added that he was “especially concerned” that members of the clergy had been among those targeted with the software.

“Yet again, we’re far away from the kinds of targets that spyware companies like NSO claim are the legitimate targets of these cases,” he said.

NSO Group said in a statement to the Guardian: “We are not privy to who our authorized and verified sovereign government clients target using our technology, though they are contractually obliged to only do so against terrorists and criminals. If an investigation is warranted, NSO will conduct one following our industry-leading human rights processes.”

The company added: “We remain incredibly proud of our technology’s contribution in fighting terrorism and serious crime globally and our role in helping governments save lives.”

The president’s office in Togo reportedly did not respond to a request for comment.

WhatsApp is suing NSO Group, accusing it of using the Facebook-owned messaging service to conduct cyber-espionage on journalists, human rights activists and others. The accounts said to have been targeted included those of senior government officials, journalists, and human rights activists worldwide.

Last month a US judge ruled that the lawsuit can go ahead, meaning the Israeli spyware firm could be compelled to reveal information about its clients and practices, the Guardian reported.

This February 19, 2014, photo, shows WhatsApp and Facebook app icons on a smartphone in New York (AP Photo/Patrick Sison)

Judge Phyllis Hamilton reportedly said she had not been fully convinced of NSO Group’s contention that it had no role in the targeting of WhatsApp’s users, but that it appeared the Israeli firm “retained some role” in the targeting of individuals, “even if it was at the direction of their customers.”

The judge said it did not appear to be disputed that the spyware had been used and that the discussion was whether NSO Group’s “sovereign customers” were responsible or whether the firm retained some blame.

The lawsuit said the software developed by NSO known as Pegasus was designed to be remotely installed to hijack devices using the Android, iOS, and BlackBerry operating systems.

The complaint said the attackers “reverse-engineered the WhatsApp app and developed a program to enable them to emulate legitimate WhatsApp network traffic in order to transmit malicious code” to take over the devices.

Pegasus allows agents to effectively take control of a phone, surreptitiously controlling its cameras and microphones from remote servers and vacuuming up personal data and geolocations.

NSO Group has previously claimed that it only licenses its software to governments for “fighting crime and terror” and that it investigates credible allegations of misuse, but activists argue the technology has been instead used for human rights abuses.

Agencies contributed to this report.

Most Popular
read more: