Recent forensic analysis indicates that the United Arab Emirates government installed the Pegasus spyware on the mobile phone of Hanan Elatr, wife of Jamal Khashoggi, journalist and columnist for The Washington Post who was murdered on October 2, 2018.
The analysis was conducted by Citizen Lab, a security and privacy research center based in Toronto, Canada. The Pegasus spyware was infiltrated into Elatr's phone a month before Khashoggi was killed.
Based on his report, a forensic investigation of two of Elatr's Android phones revealed that an unknown person used one of these phones to open the site, which then infiltrated Pegasus into the phone.
This happened after Elatr's cellphone was confiscated by security officers while he was at Dubai Airport. In further analysis, Citizen Lab revealed that the site is controlled by the NSO Group, which acts on behalf of its consumers in the United Arab Emirates.
NSO itself has denied allegations that its spyware was used to target Khashoggi or people close to him, including Hanan Elatr. But Citizen Lab's analysis says otherwise.
In a leak containing 50,000 phone numbers that have been circulating and are suspected to be lists of Pegasus victims, Citizen Lab found the numbers belonging to Elatr and Hatice Cengiz, Khashoggi's fiancé who lives in Turkey.
The leak is part of a large investigation carried out by various mass media in several countries, called The Pegasus Project. The investigation revealed that Pegasus was used to spy on journalists, activists, politicians, and even the president.
The telephone number list contains hundreds of telephone numbers for government officials, 180 journalists from various media such as CNN, The New York Times, Bloomberg, Le Monde, and El Pais. There are even phone numbers belonging to French President Emmanuel Macron, South African President Cyril Ramaphosa, and Pakistani Prime Minister Imran Khan.
Google's cybersecurity division, Project Zero, recently looked into the exploits used by NSO to infiltrate spyware on iPhones. Project Zero praised the sophistication of the exploit, as well as said that it was a very terrible and dangerous exploit.