Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Reuters
Reuters
Technology
By Daina Beth Solomon

Mexico's alleged victims of Pegasus spyware seek criminal probe

FILE PHOTO: The word Pegasus and binary code are displayed on a smartphone which is placed on a keyboard in this illustration taken May 4, 2022. REUTERS/Dado Ruvic/Illustration/File Photo

Three human rights investigators filed a complaint with Mexican prosecutors on Monday calling for a probe into the alleged "interception of private communications without legal authorization," according to Leopoldo Maldonado, the Mexico director of rights group Article 19.

The complaint submitted to the Attorney General's office follows a report that phones of at least three human rights investigators in Mexico were infected with Pegasus spyware during the current government.

Mexican President Andres Manuel Lopez Obrador, who took office in 2018, pledged to no longer deploy the technology - which can be used to remotely break into phones and is typically only sold to governments or law enforcement - after a scandal erupted around its use under his predecessor.

Pegasus belongs to Israeli spyware firm NSO Group.

Article 19 is aiding the two journalists and one human rights defender whose phones were infected between 2019 and 2021.

The Pegasus infections were verified by Citizen Lab, a leading cybersecurity research group at the University of Toronto, and published on Sunday in a report by Mexican digital rights advocacy group R3D. Reuters could not independently confirm the findings.

The Attorney General's office did not immediately reply to a request for comment about the complaint.

Lopez Obrador's office, the Defense Ministry, the Interior Ministry, and Mexico's top human rights official did not respond to requests for comment.

Intercepting private communications is only allowed with a judge's prior consent for reasons such as national security, and doing so without authorization can be punished with six to 12 years of jail time.

NSO Group said it could not validate Citizen Lab's findings without seeing data which it said the research group does not share.

"Review by NSO Group is the only way to truly verify the accuracy," a spokesperson said in a statement.

The company added that it does not operate Pegasus or collect information about clients or who they monitor, and it terminates contracts when it finds wrongdoing.

Citizen Lab in a past case advised NSO Group to reach out to victims directly to seek additional information beyond what it published publicly.

Ricardo Raphael, one of the journalists whose phone was infected with Pegasus in 2019 and 2020, urged others to speak up.

"I highly doubt we're the only ones to have been infected," he said.

(Reporting by Daina Beth Solomon; Additional reporting by Lizbeth Diaz; Editing by Leslie Adler)

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.