At least 2 Jordanian journalists targeted by Pegasus spyware
Beirut, April 6, 2022 – Jordanian authorities should conduct a prompt and thorough investigation into allegations that two journalists were targeted by the Pegasus spyware, the Committee to Protect Journalists said on Wednesday.
Throughout 2021, Suhair Jaradat, a freelance columnist for outlets including the London-based Arab News site The opinion of the dayhas been repeatedly targeted by the spyware, according to a joint report released Tuesday, April 5 by human rights group Front Line Defenders and digital rights group Citizen Lab, as well as Jaradat, who spoke to CPJ in a telephone interview.
From February to December of that year, Jaradat’s phone was infected with Pegasus spyware on at least six occasions, according to the reporter and this report.
The report says a second journalist, who also works as a human rights activist, had her phone infected with the spyware at least twice in 2021; the report does not name this journalist, and CPJ was not able to immediately identify him.
“Jordanian authorities must promptly and transparently investigate the alleged surveillance of journalist Suhair Jaradat and a second unidentified journalist, and ensure those responsible are held accountable,” said Middle East program coordinator Sherif Mansour. CPJ’s East and North Africa. “Journalists must be able to work without fear of hackers gaining access to their sources or their privacy.”
Jaradat told CPJ that she discovered her phone had been infected in May 2021 and that agents from the local Criminal Investigations Department’s Cybercrime Unit were able to remove the spyware from her device. At a cybersecurity conference in February 2022, she again discovered that her phone had been compromised, she said. The Front Line Defenders and Citizen Lab report said a forensic examination of his phone showed he had been infected with Pegasus six times from February to December 2021.
The joint report says researchers suspect two hacker groups are behind campaigns targeting Jaradat, the anonymous journalist, and human rights defenders in Jordan. One of these groups focused entirely on Jordan, and the other also had operations in Iraq, Lebanon and Saudi Arabia. Front Line Defenders and Citizen Lab wrote that both groups were “probably Jordanian government agencies”. CPJ was unable to immediately determine the origin of the spyware infections.
When CPJ reached out to Jordanian Information Ministry official Dina Doud via the messaging app for comment, she referred CPJ to a statement released by the country’s National Cybersecurity Center, which denied any government involvement in using spyware against journalists, and said it would have been illegal for the authorities to have been involved in such activities.
Jaradat noted: “In Jordan, authorities have previously stated that they do not use this spyware and that people inside the Royal Court have also been attacked by it. So who is behind this attack?
Jaradat writes commentaries on Jordanian politics and often criticizes the authorities. She covered topics such as sedition, the silence of the country’s political opposition and the recent arrests of political and trade union figures.
“I see no reason other than my articles” for inciting the piracy, Jaradat told CPJ. “I don’t know for sure, but I can analyze that the purpose behind putting spyware on my phone is to reach my sources or the people I work with.”
She added that the hack could be “a way to pressure me to stop writing”.
CPJ has documented the use of Pegasus, spyware created by the Israeli company NSO Group, to target journalists around the world and monitor their phones’ cameras, microphones, emails, text messages and calls. Journalists have been targeted with the software in Morocco, the United Arab Emirates and Saudi Arabia, among other countries.
CPJ emailed the NSO Group for comment, but received no response. NSO Group says it only licenses its Pegasus spyware to government agencies investigating crime and terrorism.