NYT reporter details being attacked by Pegasus malware


Protect Your Access to the Internet

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

A journalist who was a victim of hacking by Pegasus spyware has revealed their experience in being a target for hacking, including how suspicious messages and “zero-click” exploits led to access to the journalist’s smartphone.

An investigation in July highlighted how the NSO Group’s Pegasus spyware was used to attack journalists and human rights activists. The spyware, which was intended by NSO Group to only be used for crime prevention and investigative purposes, was misused by some governments to perform surveillance on potentially thousands of activists and journalists.

In a New York Times report, Middle East correspondent Ben Hubbard explains how he became a target, in part due to often speaking to “people who take great risks to share information that their authoritarian rulers want to keep secret.” While Hubbard took precautions to protect sources due to the risk of imprisonment or death, he still became a victim of Pegasus hacking.

In working with Citizen Lab, Hubbard found that he had been targeted with a suspicious text message in 2018, thought to have been sent by Saudi Arabia. The publication’s tech security team uncovered another hacking attempt from 2018, with a second message sent via WhatsApp, inviting the journalist to a protest at a Saudi Embassy in Washington, complete with a suspicious link.

Neither attempt succeeded, Citizen Lab confirmed, as Hubbard didn’t click the links included in each message, though it wasn’t the end of the harassment.

Further investigations of Hubbard’s device revealed a pair of hacks in 2020 and 2021 that were successful, using a zero-click exploit that didn’t require users to click a link to infect. It seems unlikely that the identity of the hacking party will be uncovered, it was discovered that the second hack took place to remove traces left behind from the first.

Pegasus is believed to be used for all of the attacks. NSO Group denied that its products were used in the attacks,…