Jordan 'highly likely' purchased and used Pegasus spyware against citizens

It is "highly likely" that Jordan's government purchased and used Israeli spyware Pegasus against its own citizens, according to a new report by Frontline Defenders (FLD) and Citizen Lab.

The report, relying on technical analysis of the phones of four victims who were hacked, identified what it believed to be agencies of the Jordanian government using Pegasus since at least August 2019.

The report is the strongest evidence so far that the Jordanian government allegedly purchased and used the Israeli spyware – nearly two years prior to when most suspected Jordan had bought the spyware. 

Mohammed al-Maskati, a researcher with FLD who worked on the report, told The New Arab that while it is impossible to say with 100 per cent confidence who was behind the hacks, several factors point to Jordan as the culprit.

"The targets and the list of domains … all that leads us to the Jordanian government," al-Maskati said.

The Pegasus software, developed by a private Israeli company called the NSO Group, gives hackers access to a phone's entire contents and allows them to use its camera and microphone at will.

It was previously believed that Jordan had been in talks to purchase Pegasus in April 2021, though there had been no confirmation at the time it had bought the spyware.

The New Arab asked the Jordanian Royal Hashemite Court if and when Jordan had purchased the software, but it said it had "no information on the topic." The NSO Group did not respond to a request for comment.

The four victims of hacking examined in the report were Jordanian human rights defenders and journalists who had regularly faced arrest and harassment by authorities due to their work.

Hackers attempted to get them to click on links by sending them text messages disguised as adverts and articles about them. In one case, hackers impersonated a popular opposition figure on WhatsApp and urged the target to click on a link to a tweet.

"I was not surprised. When I first heard that I was hacked, I immediately thought it had been the internal security forces … Most Middle Eastern security agencies do not care about the privacy of their citizens," Malak Abu Oraibi, one of the four hacking victims highlighted in the FLD report, told The New Arab.

Abu Oraibi, a lawyer with the National Centre for Defending Freedoms, said that he thought authorities hacked him to snoop on Jordan's political opposition. He also suspected they also wanted to gather information from his personal life to potentially "blackmail" him.

"This is extremely dangerous. Historically, most countries gradually improve in human rights. We have the opposite in Jordan," Abu Oraibi said.

Rights groups have warned that Jordan has been regressing on human rights and freedoms in recent years. In 2021, rights monitor Freedom House downgraded the country from "Partially Free" to "Not Free" due to its crackdown on civil society.

This year, authorities have arrested scores of activists for their affiliation with opposition groups such as the pro-democracy Hirak movement.

In addition, members of Jordanian civil society have accused the king of expanding his powers at the expense of the country's parliament through a series of constitutional amendments passed in January.

If the report's allegations are true, Jordan will join a growing list of countries such as the UAE and India who have used the Israeli spyware against human rights defenders at home and abroad.

"When someone compromises your privacy, they compromise the privacy of everyone you deal with." @will_christou investigates the trend of women activists in MENA becoming victims of the controversial Pegasus spyware ⬇ https://t.co/ZgU62X2zLI

— The New Arab (@The_NewArab) April 3, 2022

The NSO Group maintains that its software is not used against human rights defenders, and instead plays a vital role in combatting "terrorists, paedophiles and hardened criminals."

Rights groups such as Human Rights Watch have called for a global moratorium on the surveillance industry until a regulatory, rights-respecting framework can be established.

Apple also sued the NSO Group in November 2021 to stop it from hacking iPhone users.

However, the FLD report shows that the NSO Group has continued to hack phones of human rights defenders as recent as December 2021.