- Saudi agents are reportedly installing spyware on people’s smartphones to crack down on critics living abroad.
- At least one Saudi critic was targeted by Israeli cyberintelligence firm NSO Group’s Pegasus spyware software, which enables hackers to access messages, photos, microphone, and camera, researchers at Toronto’s Citizen Lab reported this week.
- That critic was identified as outspoken Saudi critic and personality Omar Abdulaziz.
- Abdulaziz told Business Insider he had no idea he was being spied on until Citizen Lab reached out, but has noticed suspicious messages discussing intimate details of his romantic life.
- The 27-year-old said the Saudi government arrested two of his brothers and several of his friends back home in Saudi Arabia due to his activism, and he has not heard from them since.
Saudi agents are reportedly secretly installing spyware on people’s smartphones to crack down on critics living abroad.
At least one critic of the kingdom had his smartphone targeted by Israeli cyberintelligence firm NSO Group’s Pegasus spyware software, which enables hackers to gain access to messages, photos, emails, microphone, and camera, according to a new report from Citizen Lab, a Toronto information and technology lab.
The report’s authors assessed with “high confidence” that outspoken Saudi critic and YouTuber Omar Abdulaziz was targeted with the spyware in June.
Abdulaziz’s device got infected after he clicked on a link purportedly sent from the courier company DHL, the report said. He had made a purchase on Amazon earlier and later received a text message from DHL explaining that a package was due to be shipped, the report said.
But the message instead linked to a website that, according to Citizen Lab, had been identified as a known Pegasus exploit domain, and clicking on the link resulted in the infection of the software onto his phone.
How the lab figured out Abdulaziz was being targeted
Screenshot/YoutubeProminent Saudi critic Omar Abdulaziz had his smartphone infected by spyware, Citizen Lab said.
Citizen Lab concluded the Abdulaziz was a target because someone using a consumer and university Internet Service Provider (ISP) in Quebec, Canada, found an infection by the Saudi-linked agent.
The lab then contacted the Saudi diaspora in Quebec and determined that Abdulaziz, a student at the city’s Bishop’s University, best fit the description.
By corroborating his movements and the suspicious DHL message on his phone, the lab concluded with “high confidence” that he was likely the target of the malicious attack.
Citizen Lab said they were drawn to investigate Abdulaziz after publishing research in September on Pegasus spyware being used in operations in 45 countries.
The lab found that one Pegasus operator appeared to be acting in the interest of Saudi Arabia in a series of complex overseas operations, and actively monitoring targets in countries like Bahrain, Canada, Egypt, France, Iraq, Jordan, Lebanon, Morocco, Qatar, Turkey and the UK.
One of the targets earlier this year appeared to be London-based Saudi dissident and Amnesty International researcher named Yahya Assiri, the September report said.
Abdulaziz had no idea he was being spied on until Citizen Lab reached out
Abdulaziz first moved from Saudi Arabia to Canada as a student, and became actively involved in political commentary online. He says he decided to apply for political asylum in 2014 because he felt that his outspoken criticism of the government posed risks back home.
According to the 27-year-old, who hosts a popular satirical news program on YouTube, the government arrested two of his brothers and several of his friends back home in Saudi Arabia in August in response to his activism.
He said he did not suspect his phone was being monitored until Citizen Lab reached out to corroborate its hypothesis.
“When they [Citizen Lab] reached out I figured that someone must have been listening to me and reading the conversations between me and my friends and my brothers,” he told Business Insider. “Some of them were arrested, and I’m sure hackers had access to everything on my phone.”
Abdulaziz also says he began receiving messages from unknown Twitter and Snapchat accounts in the past month discussing intimate details about his personal and romantic life, which he had not discussed publicly.
He says he no longer uses that phone to discuss personal matters with anyone in Saudi Arabia.
“Now I’m ok, but I’m still concerned about the safety and security of my brothers and friends, many of whom I haven’t heard from since they disappeared,” he added. “We haven’t received any news about them and I don’t know if they’re ok.”
Business Insider Emails & Alerts
Site highlights each day to your inbox.