The organization Network in Defense of Digital Rights (R3D in its Spanish acronym) published a report revealing that Pegasus malware that exploits a weakness in the WhatsApp messaging system continued to operate in Mexico during 2019.
In June 2017, during the six-year period of Enrique Peña Nieto, it was reported that several human rights defenders as well as journalists were spied on using malware, especially by the Attorney General’s Office (PGR in its Spanish acronym) and the Criminal Investigation Agency (AIC in its Spanish acronym) although theoretically only it is intended to be used to investigate criminals and terrorists according to NSO Group, the Israeli spy company that created Pegasus spy software.
The malware program is simply run by a voice call regardless of whether that call is answered or not. From that, you can automatically access all the files, text messages, calls, photographs, passwords, stored data as well as geographical location, camera activation and the microphone of that cell phone.
According to the R3D report earlier this year, there was another spy attack on more than 1400 users whose telephone numbers had the area codes of Mexico, Bahrain and the United Arab Emirates, including 100 journalists and activists.
Last May after the discovery of the cyber attack, WhatsApp said that the fault was identified and resolved in its system but has failed to publish the exact number and identities of people affected by the attack, although some users received a notification informing them that with high probability they had been a target.
In the absence of such information and impunity in the case of 2017, the R3D is asking that they reveal who are responsible for this espionage attack. “We call for the transparent federal government [to reveal] which are the Mexican authorities that have acquired and used Pegasus, as well as the control measures that, where appropriate, have been implemented to prevent them from being used illegally and to avoid impunity in cases of abuse”, they said in a press conference on October 29th in Mexico City.
For more information in Spanish:
El programa Pegasus se instaló en teléfonos de 100 activistas y periodistas de más de 20 países (Proceso el 29 de octubre de 2019)
WhatsApp reveló que el software espía Pegasus operó en México durante 2019 (Infobae el 29 de octubre de 2019)
Ciberataque de espionaje Pegasus en México por WhatsApp (El Imparcial el 30 de octubre de 2019)
Alerta espionaje a mexicanos denunciado por Whatsapp (El Siglo de Durango el 31 de octubre de 2019)
For more information from SIPAZ:
Nacional: Citizen Lab revela intento de hackeo con Pegasus a colegas de periodista asesinato (28 de noviembre de 2019)
National: Federal Mechanism for Journalists and Defenders without Funding (October 14, 2018)