Iraq’s president is potential target of Israeli spyware

Iraqi President Barham Salih is pictured as he speaks on a mobile phone. (Photo: Iraqi Presidency)
Iraqi President Barham Salih is pictured as he speaks on a mobile phone. (Photo: Iraqi Presidency)

ERBIL (Kurdistan 24) – Iraqi President Barham Salih’s mobile phone was identified as a potential target of a spyware developed by an Israeli surveillance company at the center of a major international forensic campaign.

Salih’s phone was identified along with three other heads of state, 10 prime ministers, and one king on a list of potential targets of a system called Pegasus, according to the Washington Post, which has launched an investigation into the program along with 16 other top international news organizations and Amnesty International’s cyber forensic team.

The Pegasus Project uncovered hundreds of public officials’ phone numbers among the 50,000 numbers scrutinized over the last few months as part of the investigation. The Washington Post said it could not confirm whether the Iraqi president’s cell phone had been compromised because none of the targets’ devices were handed over for forensic testing.

Once the spyware infects a phone, the operator can have complete access to the device’s data, including photos and videos, applications, and text messages, and can activate voice and video recording, according to reports from the Post and other international media outlets. 

The report dubbed the program a “pocket spy” for any infected phone.

Pegasus was developed by a private Israeli company, NGO Group, and sold to various government clients around the world, including India, Mexico, Saudi Arabia, and the United Arab Emirates.

It was unclear if any of NGO’s clients attempted “to deliver Pegasus to the phones of these country leaders,” the report said.

French President Emmanuel Macron and South Africa’s Cyril Ramaphosa were also on the list, along with Prime Ministers Imran Khan of Pakistan, Egypt’s Mostafa Madbouly and Morocco’s Saad-Eddine El Othmani. Former leaders’ devices were also on the list of potential targets.

The Guardian revealed that journalists, human rights defenders, and activists from around the world were also on the list.

Why is Pegasus spyware So Dangerous?

The Pegasus spyware is not the only malicious agent capable of infecting mobile devices and extracting their secrets, but it can enter a device undetected, making it especially dangerous. The spyware can infect both iPhone and Android devices through vulnerabilities in common applications.

An early version of Pegasus was first captured in 2016 and required the target to click on a link delivered through a text message or email, the Guardian reported.

The more advanced Pegasus spyware uses a method called “zero-click,” deploying the technology to a targeted phone without any involvement from the user. A simple phone call from an unknown caller could be the spyware’s entrance into a device. NSO malware identified by WhatsApp in 2019 did not require a user to answer the call. 

It is difficult, if not impossible, for a potential target to know if their phone was infected without forensic testing, the media reports have stressed, and none of the users identified by the Washington Post or the Guardian turned over their phone for more conclusive analysis.