The Washington PostDemocracy Dies in Darkness

Mexico makes first arrest in Pegasus spying scandal

An NSO Group facility near Sapir, Israel. (Sebastian Scheiner/AP)

MEXICO CITY — Mexican authorities have made their first arrest in the global spy scandal surrounding the malware Pegasus, jailing a technician who worked for a private firm on allegations he was involved in illegally tapping the phone of a broadcast journalist.

Police detained the man on Nov. 1, and a Mexico City judge ordered him imprisoned while the investigation continues, according to a statement from the federal Justice Ministry. Local media identified him as Juan Carlos García, a former employee of Proyectos y Diseños VME, part of the KBH business group.

Authorities did not identify the journalist who was surveilled. But Carmen Aristegui, a well-known investigative reporter, disclosed Tuesday that the case involved the tapping of her phone in 2015 and 2016.

Pegasus is a product of NSO Group, an Israeli firm that says it licenses the malware to governments to pursue terrorists, drug traffickers and other criminals. The company says it carefully screens its clients and cuts off those who abuse the software. But the U.S. Commerce Department recently blacklisted the Israeli firm, saying its spyware had been used by governments to “maliciously target” politicians, journalists, activists, academics and others.

Asked for reaction to the Mexico arrest, NSO said its products “are only sold to vetted and approved government entities, and cannot be operated by private companies or individuals.”

“We regret to see that, over and over again, the company’s name is mentioned in the media in events that have nothing to do with NSO,” the company said in a statement.

García did not enter a plea, and it was not possible to locate his lawyer on Tuesday. Uri Ansbacher, the head of KBH, which is no longer in business, has denied any involvement in illegal spying.

Israeli software used to hack phones of journalists and activists worldwide

Phone-tapping in Mexico exploded in recent years, with new technology permitting the expansion of decades-old practices rooted in the country’s authoritarian past, according to analysts and former officials.

Mexico’s government has acknowledged spending millions of dollars to acquire Pegasus for its Justice Ministry and domestic spy agency, the CISEN, but says it ended such contracts in 2017. Nongovernmental groups identified signs of the NSO spyware in the phones of 26 Mexican journalists, activists and politicians between 2015 and 2017, triggering outrage.

What’s unusual about García’s arrest is that he worked not for the government but for a private firm that licensed the spyware on behalf of NSO Group, according to prosecutors. “We tentatively believe that he’s the person who operated the system [in Mexico] and could be of great importance to the investigation,” said Ricardo Sánchez Pérez del Pozo, a prosecutor, speaking on Aristegui’s daily radio program.

The allegation raises the possibility that business executives were involved in a parallel spy network “for their own gain, but in coordination with senior Mexican officials,” said Leopoldo Maldonado, the Mexico director for Article 19, a press freedom group that has supported Aristegui.

How Mexico's traditional political espionage went high-tech

Aristegui says her phone was infected by Pegasus in 2015, after she and a team of reporters broke a story about a suspicious real estate deal involving the wife of then-President Enrique Peña Nieto. Aristegui’s son, then 16, and one of her colleagues were also targeted, according to an investigation by Citizen Lab, a technology research center at the University of Toronto, and several Mexican nongovernmental groups.

Further questions about abuse of Pegasus emerged this summer, in an investigation by The Washington Post and 16 media partners that found signs of the spyware in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists and businesspeople around the world. Their numbers appeared on a list of more than 50,000 phones concentrated in countries known to have been clients of NSO. Nearly one-third of the numbers were in Mexico.

Journalists found that the list included numbers for scores of top Mexican politicians, as well as for union representatives, journalists and civic activists. Forbidden Stories, a Paris-based journalism nonprofit organization, and Amnesty International, a human rights group, had access to the list and shared it with the news organizations. NSO said the numbers were “not a list of Pegasus targets or potential targets.”

Read more:

Takeaways from the Pegasus Project

Pegasus spyware used to spy on journalists in India

Dubai ruler used Pegasus to hack princess’ phone, court finds

Loading...