Spain says cellphones of Prime Miner, Defense Miner hacked with Pegasus

Data was downloaded from cellphones used the prime miner and the defense miner of Spain that were infected with powerful spyware known as Pegasus from an Israeli company, the country’s government said Monday.
The revelation that Pegasus reached the highest echelons of the Spanish government broadens a scandal over political spying in the country, after a cybersecurity watchdog organization found that Pegasus had been installed on the devices of dozens of politicians from the pro-independence government of Catalonia.
Pegasus is a sophicated and robust surveillance tool, and while it has been used dozens of governments to hunt down criminals, terrors and drug traffickers, the developments in Spain will add to concerns that there are insufficient checks to prevent its abuse.

The hacking represented an “illegal and external” intrusion into Spanish politics, said Félix Bolaños, a miner in the Spanish government, at a news conference, adding that the use of the spyware attack was “alien” to any national agencies and had not received any kind of judicial authorization.
Prime Miner Pedro Sánchez and Defense Miner Margarita Robles had their phones surveilled the Pegasus spyware about a year ago, Bolaños said, and Spanish authorities were trying to determine whether other miners and senior officials were targeted.
Bolaños said the national court, which is charged with cases of terrorism and other serious crimes, would investigate how Pegasus was used to monitor Spanish officials.
Pegasus is a software that was developed NSO Group, an Israeli company, in part to help governments track criminal and terror activity. The software allows users to monitor every aspect of a target’s phone — including calls, messages, photos and video.

But its usage has led to scandals in several countries, and in November the Biden adminration blackled NSO Group, saying it had knowingly supplied spyware that has been used foreign governments to target the phones of dissidents, human-rights activs, journals and others.
“While we have not seen any information related to this alleged misuse and we are not familiar with the details of this specific case,” NSO Group said in a statement Monday, “NSO’s firm stance on these issues is that the use of cybertools in order to monitor politicians, dissidents, activs and journals is a severe misuse of any technology and goes against the desired use of such critical tools.”
The announcement from the government in Madrid adds a tw to the dispute over political spying in Spain, which was reignited with the revelations last month that Catalan officials had been monitored.
Regional leaders demanded that the central government open an investigation into the usage of Pegasus against the Catalan politicians, including the region’s current leader, Pere Aragonès.

“All political espionage is extremely serious,” Aragonès said in a statement on Twitter. “We have been denouncing it for days without obtaining explanations from the Spanish government. When mass espionage is against Catalan institutions and independence, silence and excuses. Today, everything is in a hurry.”
The latest Catalan revelations was touched off a report from Citizen Lab, a cybersecurity watchdog organization at the University of Toronto that has been investigating unlawful surveillance activities worldwide.
At the time, Citizen Lab also said it had found evidence of what it called “multiple suspected instances of Pegasus spyware infections within official U.K. networks,” including at the prime miner’s office and the Foreign Minry.
In an emergency news conference, which was held on a public holiday in Madrid, government officials said the prime miner’s phone was infected in May 2021 and that the defense miner’s device was hit a month later.
“These are facts and not suppositions,” Bolaños said. “We know that the Pegasus software has been used illicitly in 20 countries and that governments are among the victims.”
This article originally appeared in The New York Times.