NSO Group, the company behind spyware Pegasus, has firmly denied allegations that its software has been used to hack smartphones belonging to journalists, government officials, and human rights activists.

The allegations follow an investigation by a global consortium of 80 journalists across 17 media organisations which was published over the weekend.

Journalist network and non-profit organisation Forbidden Stories, which unearthed the claims on Sunday, said that journalists from around the world have been selected as targets by NSO clients.

Alongside Amnesty International, the non-profit organisation claimed they had access to a leak of more than 50,000 records of phone numbers that NSO clients selected for surveillance.

According to an analysis of these records by Forbidden Stories and its partners, the phones of at least 180 journalists were selected in 20 countries by at least ten NSO clients.

But NSO denied the allegations, claiming that the report by Forbidden Stories is full of wrong assumptions and uncorroborated theories that “raise serious doubts” about the reliability and interests of its sources.

It said unidentified sources have supplied information that has “no factual basis” and are “far from reality.”

“After checking their claims, we firmly deny the false allegations made in their report,” the company said in a statement. “Their sources have supplied them with information which has no factual basis, as evident by the lack of supporting documentation for many of their claims.”

The Israel-based company added that it has reason to believe allegations made by unnamed sources are based on a misleading interpretation of data from accessible and overt basic information, such as HLR Lookup services, which “have no bearing on the list of the customers targets of Pegasus or any other NSO products.”

“Such services are openly available to anyone, anywhere, and anytime, and are commonly used by governmental agencies for numerous purposes, as well as by private companies worldwide,” continued NSO.

It described claims that data was leaked from its servers as a “complete lie” since such data never existed on its servers.

“We would like to emphasise that NSO sells it technologies solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts. NSO does not operate the system and has no visibility to the data."

The group is now considering a defamation lawsuit over the claims.

“It is no surprise that this story has a splashy headline,” said an NSO spokesperson. “When reading the story, readers quickly learn that there is no link between the 50,000 numbers to NSO Group or Pegasus.”

They added: “In fact, even the Washington Post’s editor stated that “the purpose of the list could not be conclusively determined” and the list does not identify who puts the numbers on it or why. The report itself stated that “it is unknown how many of the phones were targeted or surveilled”.

It said that the news story is built around 37 of 50,000 phone numbers, with reporters “failing to prove a definitive link between the numbers and NSO.”

Share Story: