UAE reportedly hacked Financial Times editor using Israeli spyware

UAE has also reportedly targeted journalists at the Wall Street Journal and The Economist

The United Arab Emirates may have used Israeli spyware to hack a mobile phone belonging to the editor of the UK’s Financial Times newspaper, a major investigation has found.

Lebanese-born Roula Khalaf, who became last year the London-based paper’s first female editor, was one of more than 180 journalists around the world selected as candidates for surveillance by government clients of the Israeli NSO group, according to the Guardian.

The investigation found that the UAE, which has deployed NSO spyware in the past, was also possibly behind the hacking of journalists at The Economist and Wall Street Journal, and may have deployed malware against a further 10,000 phone numbers belonging to activists and lawyers.

NSO spyware was implicated in the gruesome killing of Saudi journalist Jamal Khashoggi, a Middle East Eye and Washington Post columnist who was dismembered by a Saudi hit squad in Riyadh’s Istanbul consulate in October 2018 and whose body has never been found.

NSO, which is subject to regulation by Israel’s minister of defence, has been embroiled in a series of hacking scandals in recent years and is being sued by Facebook.

The investigation by the Guardian and 16 other media organisations suggested the continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is solely intended to fight “serious crime and terrorism.”

In addition to the UAE, the investigation found that the governments of Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda and Saudi Arabia all selected journalists as possible surveillance targets.

The UAE is thought to have picked Khalaf as a potential hacking target in 2018, when she was deputy editor at the FT. 

Her number was included in a leaked list of mobile phone numbers selected for possible surveillance by NSO clients. 

However, the presence of her phone number in the data does not reveal whether she was subject to an attempted hack. 

Nonetheless, NSO’s flagship product, Pegasus, allows operators to extract messages, photos and emails, record calls and secretly activate microphones on iPhones and Android devices.

‘Who are my sources?’

Also listed in the leaked records is a phone number belonging to American journalist Bradley Hope, who at the time of his selection was an employee at the Wall Street Journal.

Hope had been fact-checking the draft of a book on 1MDB, the multi-billion dollar Malaysian corruption scandal that led to the prosecution of that country’s prime minister, Najib Razak.

The book suggested that some of the money was spent on a luxury yacht for Sheikh Mansour, a senior Abu Dhabi royal who is the UAE’s deputy prime minister and owner of Manchester City Football Club.

The UAE is believed to be behind Hope’s listing.

“I think probably the number one thing that anyone targeting my phone would want to know is: who are my sources?” Hope told the Guardian. “They would want to know who it is that is providing this insight.”

Egyptian and Qatari phone numbers belonging to Greg Carlstrom, a Middle East reporter at the Economist, were also listed, in what is also believed to be an attempted hack by the UAE.

‘Press freedoms are vital’

Rights groups have previously sounded the alarm at the use of spyware by the UAE and other Gulf nations.

In 2018, Citizen Lab, a research and development organization at the University of Toronto, said that it had witnessed “significant expansions” of the usage of Pegasus in Saudia Arabia, UAE and Bahrain.

Riyadh had reportedly used Pegasus to track and spy on Jamal Khashoggi prior to his killing in the Saudi embassy in Istanbul. US intelligence agencies said in February that the Saudi crown prince, Mohammed bin Salman, was responsible for Khashoggi’s death.

Saudi authorities also used Pegasus to bug phones during a so-called anti-corruption campaign ordered by bin Salman, during which members of the Saudi royal family, government ministers and business tycoons were rounded up and detained in the Ritz Carlton hotel in Riyadh in November 2017. 

Human rights defender Ahmed Mansour, held in solitary confinement in an Emirati prison since 2017, was targeted by Pegasus spyware.

In December, 36 journalists, producers, anchors and executives at Qatari news channel Al Jazeera said that their phones had been hacked with Pegasus by the governments of Saudi Arabia and UAE.

Backed by the likes of tech-giants Microsoft and Google, Facebook is currently locked in a legal battle with NSO group, accusing the Israeli firm of seeking to infect approximately 1,400 “target devices” with malicious spyware that could be used to steal user information from WhatsApp, a messaging application owned by Facebook.

In a statement to the Guardian and partner organisations, NSO denied the investigation’s “false claims” but said that it would “continue to investigate all credible claims of misuse and take appropriate action”. 

The company added: “NSO Group is on a life-saving mission, and the company will faithfully execute this mission undeterred, despite any and all continued attempts to discredit it on false grounds.”

A spokesperson for the Financial Times told the Guardian: “Press freedoms are vital, and any unlawful state interference or surveillance of journalists is unacceptable.”