A New York Times journalist was reportedly hacked by the Pegasus spyware (yes, the one that had been doing the rounds on the news recently), after he reported to the NSO about previous hacking attempts against him.
Ben Hubbard was the target of multiple hacking attempts between June 2018 to June 2021, at the hands of the notorious Pegasus spyware, which was developed by the Israel-based NSO Group. Interestingly, the targeting occurred when he was reporting on Saudi Arabia, while also writing a book about Crown Prince Mohammed bin Salman.
His systems eventually did become infected with the malware in July 2020 and June 2021, dating them sometime after he had complained to NSO Group that he had become a target of the Saudi-associated KINGDOM Pegasus operator back in 2018.
The news was first reported by Citizen Lab, which states that while it is known that the attack was indeed orchestrated using the spyware, the activity can’t be attributed to a “specific NSO Group customer” as of now. Nevertheless, they do say that the it may the same operator who hacked a Saudi activist this year.
Keeping Tabs on Journalists and Activists
The Pegasus spyware has been known to be used for tapping the likes of iPhones since at least 2017, and had been in the news recently after it was found that it was used (allegedly by world governments) to spy on a number of activists and journalists.
As such, it doesn’t really come as a surprise that the New York Times journalist became a target for the spyware, seeing as how he was involved in covering details about Saudi that may or may not have been irksome to country’s government.
NSO Group Denying Links
Hubbard’s phone was hacked using Pegasus on June 13, 2021, the report says, with the infection process having started around 15:45:20 GMT. The exploit was apparently orchestrated through an iMessage account which sent a number of messages to Hubbard, and interestingly, this same account also communicated with the device of a Saudi activist who is known to have suffered a Pegasus attack as well.
As of last year, the exploit against Hubbard took place on July 12, 2020, with the infection starting around 16:46:01 GMT. It may be noted that while Citizen Lab remains confident that the attacks were carried out through the Pegasus spyware, NSO Group has staunchly been denying all allegations that the communications received by Ben Hubbard had anything to do with them.