Pegasus spyware monitored journalists critical of Bukele’s Bitcoin plan

Hackers installed Pegasus spyware on 35 journalists' phones from El Faro, the only publication in El Salvador to criticize its president.

Canadian researchers have discovered the powerful Pegasus spyware on phones belonging to 22 journalists at El Faro — one of the few major outlets in El Salvador to criticize the country’s president and formally investigate his Bitcoin and Tether initiatives.

Collaborating with Access Now, Citizen Lab found hackers had targeted journalists who frequently reported negatively on government officials. The spyware installations occurred between July 2020 and November 2021.

After president Nayib Bukele (who previously declared himself “world’s coolest dictator”) adopted Bitcoin as legal tender last year, El Faro voiced concerns about his prioritization of cryptocurrencies over the needs of its citizens.

For instance, the publication reported on Bukele’s plans to build geothermal-powered Bitcoin mining facilities near towns that suffer from severe lack of water.

Doing so could exacerbate water shortages in those towns, endanger health of their populations, and increase water conflicts.

Citizen Lab’s “Project Torogoz” revealed spyware on mobile devices of El Salvadoran journalists.

Citizen Lab says that Pegasus spyware on El Faro journalists’ phones enabled constant surveillance for 17 months, including infiltrating editor-in-chief Oscar Martinez’s phone at least 42 times.

Phones belonging to journalists at a string of other local outlets were also laced with spyware, as well as two independent reporters and other civil service targets. Overall, 35 individuals were found affected.

The group reported the findings to Amnesty International’s Security Lab, which independently confirmed the results.

Where did Pegasus spyware come from?

Israeli tech firm NSO Group Technologies, a governmental surveillance contractor, created Pegasus. Israel’s government classifies the surveillance tool as a weapon and licenses its use to foreign governments.

The “zero-click” spyware can capture encrypted messages, photos, contacts, and sensitive documents from compromised phones.

Pegasus can also turn infected devices’ cameras and microphones on to record audio and video of the target’s activities.

Pegasus is marked as the most powerful spyware ever created.

Early versions of the software were reportedly used to monitor drug lord El Chapo in 2011.

Pegasus has since been detected on devices belonging to politicians, activists, and journalists around the world, including London-based reporters and the inner circle of slain Washington Post columnist Jamal Khashoggi.

Researchers say El Salvador no stranger to mass surveillance

Citizen Lab senior researcher John Scott-Railton says that someone inside El Salvador was likely using the software to target journalists and activists.

The communications office for El Salvador’s President Nayib Bukele predictably denied that the government endorsed the use of Pegasus.

“I can’t think of one case where near-exclusive Pegasus targeting in one country didn’t wind up being a user in that country,” said Scott-Railton.

Nayib Bukele faced protests in capital San Salvador for his Bitcoin gambit.

Read more: [Read this before criticizing El Salvador’s adoption of Bitcoin as legal tender]

In a 2020 report, Citizen Lab also alleged that El Salvador was one of 25 countries using mass surveillance software built by NSO Group-affiliate Circles, alongside Belgium, Australia, Mexico, and Chile.

Circles’ software (not to be confused with crypto company Circle) can intercept data from cell phone networks to “snoop on calls, texts, and the location of phones,” according to Citizen Lab.

Follow us on Twitter for more informed crypto news.

Update 12:46 UTC, Jan 14: Corrected numbers of individuals affected throughout.