From iPhone to SpyPhone: It starts with an innocent message and ends with your intimate secrets stolen by phone-hacking software Pegasus. And guess who's on the payroll of tech firm behind it? Cherie Blair

A text message pinged onto the mobile telephone of Hanan Elatr one day in November 2017, while she was working as a flight attendant for the Dubai-based Emirates airline.

Purportedly from her sister, it contained a link to an internet site, plus a brief line saying that the sibling thought the site might be of interest.

Hanan does not remember how she responded, or even whether she clicked onto the link. But by then it was too late anyway.

Wheels had almost certainly been set in motion that would lead — 11 months later — to her journalist husband, Jamal Khashoggi, being tortured and brutally murdered by a group of bonesaw-wielding thugs at the Saudi Arabian Consulate in Istanbul.

Khashoggi, whose work had upset the Middle Eastern kingdom’s autocratic Crown Prince, Mohammed Bin Salman, is one of hundreds, and possibly thousands, of public figures who appear to have been successfully targeted via a shadowy piece of phone-hacking software named Pegasus.

Jamal Khashoggi (pictured with his wife Hanan) is one of hundreds, and possibly thousands, of public figures who appear to have been successfully targeted via a shadowy piece of phone-hacking software named Pegasus

The product, designed by an Israeli security firm called NSO Group, can be used by clients — who are believed to include the Saudi regime — to secretly hijack a mobile phone by transforming it into a highly-invasive surveillance device.

It acts as a sort of Trojan Horse, secretly gaining access to a phone’s operating system by hiding away in the background of a normal-looking text, WhatsApp, or other message.

Unbeknown to the device’s owner, an infected handset can then transmit video footage — and audio using its microphone — straight back to NSO Group’s clients in real-time.

It will also constantly access location data, showing exactly where the phone’s owner is at any time, along with every photograph and video on the device, plus the contents of the target’s email, social media and other messaging accounts.

In an age when billions of human beings run their entire lives from a pocket-sized electronic device, it is quite simply one of the most powerful spying tools ever invented. Which is also why Pegasus has become so controversial.

Yesterday, Amnesty International claimed that it had obtained a leaked list of 50,000 mobile phone numbers connected to individuals allegedly regarded as ‘people of interest’ to NSO’s various clients in the past five years.

Further reporting by a consortium of news outlets has identified 1,000 people on the leaked document. They came from 50 countries and — significantly — many of them appear to have been selected for intimate surveillance by some of the world’s most corrupt autocracies.

The list includes several heads of state, along with more than 600 politicians and government officials, plus 65 company executives and a host of religious leaders, academics, trade union officials, and charity workers.

In 2020, Pegasus was identified as a likely culprit for the leak of intimate photos of Amazon boss Jeff Bezos, who had been revealed the previous year to be conducting an extra-marital affair with a TV host called Lauren Sanchez

The product, designed by an Israeli security firm called NSO Group, can be used by clients — who are believed to include the Saudi regime — to secretly hijack a mobile phone by transforming it into a highly-invasive surveillance device

Or, to sum up: it names exactly the sort of people your average despot wants his security services to keep an eye on.

Although it’s unclear exactly how many of those listed on the document were successfully targeted, cyber-security experts employed by Amnesty were able to examine 67 handsets belonging to targeted individuals.

Thirty-seven contained traces of Pegasus activity. A total of 23 had been successfully penetrated and another 14 showed signs of penetration attempts.

Among them were friends and family members of Khashoggi. His wife Hanan, whom he married four months before his death in an Islamic ceremony in the U.S. state of Virginia, was targeted twice: once in November 2017, and once the following April.

During that period, she was talking daily to her journalist husband and, despite their globe-trotting existences, met regularly, planning their rendezvous via a variety of encrypted messaging apps in an apparently failed effort to evade surveillance by the Saudi authorities.

It’s possible that Pegasus software was also used to secretly hijack the murdered reporter’s own phone, though that handset remains in the hands of the Turkish authorities.

‘Jamal warned me before that this might happen,’ Hanan told The Washington Post yesterday. ‘It makes me believe they are aware of everything that happened to Jamal through me.’

Also hacked was the second woman in Khashoggi’s complex private life: his fiancee Hatice Cengiz, who was unaware of the existence of Hanan and had accompanied him to Istanbul at the time of his murder.

Hanan does not remember how she responded, or even whether she clicked onto the link. But by then it was too late anyway (pictured: Saudi journalist Khashoggi)

NSO has hired Cherie Blair as an ‘external adviser’ who had been working to help ‘incorporate human rights considerations into NSO activities’ by ensuring its technology is not being misused

Her phone was infected with Pegasus spyware in Turkey around four days after the atrocity, according to analysis by Amnesty. She also said she was not surprised she had been hacked, telling reporters: ‘I was thinking this after the murder. But what can you do?’

The leaked document also reportedly contains numbers for two Turkish officials involved in investigating Khashoggi’s murder, which according to the UN was carried out on the orders of Mohammed Bin Salman.

There were details, too, of Jamal’s close friend Wadah Khanfar, the former director general of the Al Jazeera television network, plus his son Abdullah Khashoggi, Azzam Tamimi, a Palestinian-British activist and friend, and Madawi Al-Rasheed, a London-based scholar who helped found an opposition party of Saudi expatriates following his killing.

It also contained a phone number for Irfan Fidan, the chief prosecutor from Istanbul who later formally charged 20 Saudi nationals over the killing.

It should be stressed that NSO has vigorously denied having anything to do with Khashoggi’s death, and denies carrying out dirty work for corrupt governments. ‘I can tell you very clear. We had nothing to do with this horrible murder,’ its chief executive, Shalev Hulio, told an interviewer.

While he stopped short of saying that the list of phone numbers was a fake, he suggested it had been misinterpreted, saying it depicted the innocent gathering of data for business purposes rather than surveillance.

In a statement, the firm added that it only sells technology to governments approved by Israel, in order to help them target terrorists and break up paedophile rings and sex or drug-trafficking.

It claims its software has helped save thousands of lives and described yesterday’s reporting as being ‘full of wrong assumptions and uncorroborated theories’.

Be that as it may, a striking number of individuals on the leaked document are on the hit list of questionable regimes.

For in recent years, many of them have been the subject of curious scandals in which embarrassing and often highly-personal material has somehow ended up online.

Take Fatima Movlamli a leading activist against Ilham Aliyev, the kleptocratic Azerbaijani dictator and goose-hunting chum of Prince Andrew. In 2019, when she was just 18, a series of intimate photographs of her leaked via Facebook. She is one of six opposition activists who appear to have been targeted.

In India, 300 people were on the list, including various trade unionists opposed to its right-wing Prime Minister Narendra Modi, such as the leading political rival Rahul Gandhi.

In India, 300 people were on the list, including various trade unionists opposed to its right-wing Prime Minister Narendra Modi , such as the leading political rival Rahul Gandhi

In Hungary, whose far-Right Prime Minister Viktor Orban is waging a war against opposition news outlets, a selection were listed as possible targets. In Mexico, 25 journalists appear on the list. Sinisterly, they include Cecilio Pineda Birto, who was shot dead while his vehicle was going through a car wash in 2017.

His name had appeared on the Pegasus list a few weeks earlier, making it quite possible that his location was identified using the software — although NSO said it could also have been discovered via other means. Mexico, where hundreds of potential targets of Pegasus seem to hail from, provides a useful case study in the thorny ethical conundrums that surround the surveillance product, which is believed to have 45 ‘customers’, most of whom are governments.

Initially used by the security services, it’s believed to have done at least some good, and played a central role in identifying the hideout of Joaquin ‘El Chapo’ Guzman, the notorious drug cartel chief who was arrested in late 2016.

Lately, however, the technology appears to have fallen into the wrong hands. Fifty people close to Mexican President Andres Obrador — who is waging a war on drugs — may have been targeted for surveillance, along with proponents of a ‘sugar tax’ which is unpopular with the country’s corrupt elite.

Opponents of the technology also believe it poses a severe threat to democracy by allowing unscrupulous governments not only to spy on opposition politicians but also to hinder journalists working on unflattering stories.

To that end, the list of people targeted for surveillance includes Roula Khalaf, editor of the Financial Times, plus journalists from CNN, The Associated Press, The Wall Street Journal, Bloomberg News and The New York Times.

Fifty people close to Mexican President Andres Obrador — who is waging a war on drugs — may have been targeted for surveillance

Regardless of the rights and wrongs of its business model, NSO’s operations have proven to be very lucrative.

Founded in 2010, it was sold to a private equity firm in 2014 for $130million. Five years later, it was sold back to its founders for a cool $1 billion.

Earlier this year, it was reportedly being lined up for a $ 2billion stock market flotation in Tel Aviv.

However, as its profile has grown, so too have objections to some of its methods, culminating in a series of hostile lawsuits.

In 2019, WhatsApp and its parent company Facebook sued NSO in San Francisco, accusing it of exploiting a flaw in the popular encrypted messaging service to target some 1,400 users.

In 2020, Pegasus was identified as a likely culprit for the leak of intimate photos of Amazon boss Jeff Bezos, who had been revealed the previous year to be conducting an extra-marital affair with a TV host called Lauren Sanchez.

The firm was sued in 2018 in both Israel and Cyprus by a collection of journalists who claim to have been hacked.

And earlier this year it was named in a High Court lawsuit by Ghanem al-Masarir, a Saudi human rights activist based in London, who claims the Middle Eastern country’s security services used Pegasus to ‘track his location’ before employing agents to assault him in Knightsbridge in August 2018.

In every case, NSO has denied wrongdoing and is contesting the claims.

And in a bid to prove itself to be whiter than white, it has hired Cherie Blair — whose former clients included the autocratic regimes of Kazakhstan and the Maldives — as an ‘external adviser’ who had been working to help ‘incorporate human rights considerations into NSO activities’ by ensuring its technology is not being misused.

She was proudly named in a ‘Transparency and Responsibility Report’ published by the firm only last week.

Quite how transparent and responsible she has actually made the firm behind the spy in our pocket will doubtless become clear over the coming days.