The New York Times reports that a new investigation by the University of Toronto's Citizen Lab has uncovered a spyware campaign targeting Mexican journalists, lawyers and anti-corruption investigators.
“The targets include lawyers looking into the mass disappearance of 43 students, a highly respected academic who helped write anti-corruption legislation, two of Mexico’s most influential journalists and an American representing victims of sexual abuse by the police,” The Times reports. “The spying even swept up family members, including a teenage boy.”
The newspaper states that at least three Mexican federal agencies purchased about $80 million worth of spyware created by an Israeli cyberarms manufacturer. NSO Group, which makes the software, told The New York Times that it sells exclusively to governments with an agreement that the software only be used to battle terrorists or drug cartels and criminal groups.
The spyware used SMS messages to trick targets into clicking on links that then lead to an infection of the target’s phone. The messages included impersonating official messages from the Embassy of the United States of America in Mexico, AMBER Alerts about abducted children, and warnings about personal safety.
“Time and again, companies like these, when presented with evidence of abuse, effectively pass the buck, claiming that they only sell to ‘government agencies’ to use their products for criminal, counterintelligence, or anti-terrorism purposes,” says Ron Deibert, professor of political science and director of U of T's Citizen Lab, located at the Munk School of Global Affairs. “The problem is that many of those government clients are deeply corrupt; what constitutes a ‘crime’ for officials and powerful elites can include any activity that challenges their position of power – especially investigative journalism.”
The latest investigation is a follow up to a previous Citizen Lab report released in February. Citizen Lab, at the time, documented how Mexican government food scientists, health, and consumer advocates – all vocal proponents of Mexico's 2014 soda tax, the first national tax of its kind targeting consumption of sugary drinks in Mexico – also received links to infrastructure that were connected to NSO Group.
In August 2016, Citizen Lab released a report about how United Arab Emirates (UAE) activist Ahmed Mansoor was targeted with NSO and his iPhone 6 was infected via a malicious link in an SMS text message.