A leaked database and analysis of infected phones show that the months before Saudi dissident and journalist Jamal Khashoggi and even at least a year after his gruesome murder, people associated with him including two women closest to him, were selected for potential surveillance by clients of the Israeli company NSO Group.
The Pegasus Project, a joint investigation of over 16 media groups across the world, led by French journalism non-profit Forbidden Stories, probed an unprecedented leaked list of 50,000 mobile phone numbers of individuals mostly living in client countries of the NSO Group. The media partners had accessed the data and the list was then subjected to further examination with forensic analysis of phones conducted by Amnesty International’s Security Lab.
According to the report of The Wire, the phones of Hatice Cengiz and Hanan Elatr – who were engaged to and married to Khashoggi, respectively – were forensically examined, with a successful infection confirmed on one of them. Another close associate of Khashoggi’s was also compromised through his mobile phone. Phone numbers of two top Turkish officials who were directly linked to the investigation into Khashoggi’s murder have also appeared on the leaked list, a portion of which was found through forensic analysis to have tell-tale signs of Pegasus spyware.
The phones of Hatice Cengiz and Hanan Elatr, who were engaged to and married to Khashoggi, respectively, were forensically examined with a successful Pegasus infection confirmed on one of them. The leaked list includes the numbers of another close associate of Khashoggi and also of the top Turkish officials who were directly linked to the investigation into his murder.
This February, an unclassified report by the US intelligence community claimed that Saudi Crown Prince Mohammad bin Salman had ordered the “capture or kill” of the self-exiled Saudi journalist, a vocal critic of the royal family.
Elatr recalled that Khashoggi had taught her to use various apps as he thought that it would be easier to circumvent any surveillance. When he spoke to other colleagues living abroad, her phone used to be on their living room’s tea table in Virginia.
“Jamal warned me before that this might happen. It makes me believe they are aware of everything that happened to Jamal through me,” she said.
In a statement, NSO said that its product was not used against Khashoggi or his associates.
“As NSO has previously stated, our technology was not associated in any way with the heinous murder of Jamal Khashoggi. This includes listening, monitoring, tracking, or collecting information. We previously investigated this claim, immediately after the heinous murder, which again, is being made without validation,” said the NSO statement.
The link with Pegasus had previously been reported when University of Toronto’s Citizen Lab had confirmed that Canadian permanent resident and Khashoggi’s friend Omar Abdulaziz’s phone was infected in June 2018 with NSO’s Pegasus spyware, with Saudi Arabia being the possible client, according to The Wire’s report.
Now, the phone analysis and leaked list have revealed that the targeting of Khashoggi’s circle was far more widespread than previously understood.