The Pegasus spyware continues to be used against journalists and human rights defenders in Mexico, despite promises from the authorities. This was determined by the Mexican NGO R3D, which specializes in defending digital freedoms.
This isn’t the first time Mexican authorities have been accused of abusing Pegasus. As early as 2017, booby-trapped messages were found in the phones of journalists, lawyers or politicians that were supposed to trigger an infection by this software, which could suck up the entire contents of a phone without being able to detect an infection. This time, physical evidence was recovered directly from R3D’s victims’ phones with the help of the University of Toronto’s Citizen Lab, which is a benchmark for spyware detection and analysis.
Also read the archive (2017): In Mexico, the power is accused of spying on journalists
Two journalists and one activist concerned
Three new victims were identified. Among them is Raymundo Ramos Vazquez, whose phone was hacked at least three times in August and September 2020. This human rights defender has worked for years on the Mexican army’s abuses, and these facts emerged shortly after he spoke publicly about the army’s involvement in the killing of three civilians. The Citizen Lab notes that during the period when his phone was infected, Mr. Vasquez was in regular contact with numerous associations and international organizations specializing in the defense of human rights.
The second newly identified victim is named Ricardo Raphael. This journalist was also hacked three times: in 2019 while promoting his book about the Los Zetas cartel; and in 2020, after publicly denouncing the excesses and failures of the authorities in the fight against cartels. Speaking to R3D, he explained that in 2022 he noticed that excerpts of his private conversations had been sent to some of the people he spoke to, no doubt to discredit him.
A third victim, a journalist from Animal Politico, has been found but his identity is being kept secret “for security reasons”. His phone was infected the day an article about human rights abuses by the Mexican army was published.
Also read: Article reserved for our subscribers “Spyware is a very dangerous, devastating tool”: Guilhem Giraud, a former intelligence officer, confides in us
The Mexican government suspects
Given the identity of the victims, the nature of their activities, but also the fact that this spyware is only sold to governments by its developer, the Israeli company NSO Group, the Mexican authorities are the prime suspects of these attacks. However, the Citizen Lab notes that they are also “interesting to cartels” “in some cases,” suggesting a double-diversion of the tool.
When asked by Portal, NSO Group said it could not comment on the case as it had no data. The company said if its tool was misused, it could terminate its customers’ contracts.
Mexico is the first country whose abuse of Pegasus has been documented since 2017: the phones of journalists, lawyers, politicians, activists and human rights defenders were targeted. In 2021, the editorial staff of Project Pegasus, which included Le Monde, revealed that a large part of the entourage of current Mexican President Andres Manuel Lopez Obrador, then the head of the opposition, had been singled out for possible spyware surveillance. Beyond this purely political orientation, entire sections of Mexican civil society had been attacked by Pegasus.
These new cases of infection by the NSO monitoring tool will surely reignite the controversy. Especially since Andres Manuel Lopez Obrador, after being elected in 2018, has repeatedly set himself apart from his predecessor by claiming to renounce Pegasus and illegal surveillance.
Also Read: Article Reserved for Our Pegasus Affair Subscribers: One Year Later, the Twilight of the NSO Group