Analysts Say Use of Spyware During Conflict Is Chilling
The use of sophisticated spyware to hack into the devices of journalists and human rights defenders during a period of conflict in Armenia has alarmed analysts.
A joint investigation by digital rights organizations, including Amnesty International, found evidence of the surveillance software on devices belonging to 12 people, including a former government spokesperson.
The apparent targeting took place between October 2020 and December 2022, including during key moments in the Nagorno-Karabakh conflict, Amnesty reported.
The region has been at the center of a decades-long dispute between Azerbaijan and Armenia, which have fought two wars over the mountainous territory.
Elina Castillo Jiménez, a digital surveillance researcher at Amnesty International’s Security Laboratory, told VOA that her organization’s research — published earlier this year — confirmed that at least a dozen public figures in Armenia were targeted, including a former spokesperson for the Ministry of Foreign Affairs and a representative of the United Nations.
Others had reported on the conflict, including for VOA’s sister network Radio Free Europe/Radio Liberty; provided analysis; had sensitive conversations related to the conflict; or in some cases worked for organizations known to be critical of the government, the researchers found.
“The conflict may have been one of the reasons for the targeting,” Castillo said.
If, as Amnesty and others suspect, the timing is connected to the conflict, it would mark the first documented use of Pegasus in the context of an international conflict.
Researchers have found previously that Pegasus was used extensively in Azerbaijan to target civil society representatives, opposition figures and journalists, including the award-winning investigative reporter Khadija Ismayilova.
VOA reached out via email to the embassies of Armenia and Azerbaijan in Washington for comment but as of publication had not received a response.
Pegasus is a spyware marketed to governments by the Israeli digital security company NSO Group. The global investigative collaboration, The Pegasus Project, has been tracking the spyware’s use against human rights defenders, critics and others.
Since 2021, the U.S government has imposed measures on NSO over the hacking revelations, saying its tools were used for “transnational repression.” U.S actions include export limits on NSO Group and a March 2023 executive order that restricts the U.S. government’s use of commercial spyware like Pegasus.
VOA reached out to the NSO Group for comment but as of publication had not received a response.
Castillo said that Pegasus has the capability to infiltrate both iOS and Android phones.
Pegasus spyware is a “zero-click” mobile surveillance program. It can attack devices without any interaction from the individual who is targeted, gaining complete control over a phone or laptop and in effect transforming it into a spying tool against its owner, she said.
“The way that Pegasus operates is that it is capable of using elements within your iPhones or Androids,” said Castillo. “Imagine that it embed(s) something in your phone, and through that, then it can take control over it.”
The implications of the spyware are not lost on Ruben Melikyan. The lawyer, based in Armenia’s capital, Yerevan, is among those whose devices were infected.
An outspoken government critic, Melikyan has represented a range of opposition parliamentarians and activists.
The lawyer said he has concerns that the software could have allowed hackers to gain access to his data and information related to his clients.
“As a lawyer, my phone contained confidential information, and its compromise made me uneasy, particularly regarding the protection of my current and former clients’ rights.” he said.
Melikyan told VOA that his phone had been targeted twice: in May 2021, when he was monitoring Armenian elections, and again during a tense period in the Armenia and Azerbaijan conflict in December 2022.
Castillo said she believes targeting individuals with Pegasus is a violation of “international humanitarian law” and that evidence shows it is “an absolute menace to people doing human rights work.”
She said the researchers are not able to confirm who commissioned the use of the spyware, but “we do believe that it is a government customer.”
When the findings were released this year, an NSO Group spokesperson said it was unable to comment but that earlier allegations of “improper use of our technologies” had led to the termination of contracts.
Amnesty International researchers are also investigating the potential use of a commercial spyware, Predator, which was found on Armenian servers.
“We have the evidence that suggests that it was used. However, further investigation is needed,” Castillo said, adding that their findings so far suggest that Pegasus is just “one of the threats against journalists and human rights defenders.”
This story originated in VOA’s Armenia Service.
…