The mobile phones of French President Emmanuel Macron and 15 members of the French government may have been among potential targets in 2019 of surveillance by spyware made by the Israel-based NSO Group, according to a newspaper report.
The report by Le Monde follows an announcement by the Paris prosecutor’s office that it is investigating the suspected widespread use of NSO’s Pegasus spyware to target journalists, human rights activists and politicians in multiple countries.
Le Monde is part of a global media consortium that identified the targets from a leaked list of more than 50,000 phone numbers obtained by the Paris-based journalism non-profit Forbidden Stories and the human rights group Amnesty International and shared with 16 news organisations which began publishing their findings on Sunday.
That same day, Amnesty released a forensic analysis of the alleged targeting that showed Amazon Web Services was hosting NSO infrastructure.
In response, Amazon said it shut down NSO accounts that were “confirmed to be supporting the reported hacking activity.” Amazon said they had violated its terms of use.
Another US company identified by Amnesty as hosting NSO servers was DigitalOcean. When contacted by The Associated Press, DigitalOcean neither confirmed nor denied whether it had identified or cut off such servers.
“All of the infrastructure outlined in the Amnesty report is no longer on DigitalOcean,” it said without elaborating in an emailed statement.
Le Monde said the phone numbers for Mr Macron and the then-government members were among thousands allegedly selected by NSO clients for potential surveillance.
In this case, the client was an unidentified Moroccan security service, according to Le Monde.
Consortium members said they were able to link more than 1,000 numbers on the list with individuals, including more than 600 politicians and government officials and 189 journalists.
Among the numbers were those of journalists and politicians in France. The largest share were in Mexico and the Middle East, where Saudi Arabia is reported to be among NSO clients.
Also on the list were phone numbers in Azerbaijan, Kazakhstan, Pakistan, Morocco and Rwanda, as well as ones for several Arab royal family members, heads of state and prime ministers, the consortium reported.
An official in Mr Macron’s office said authorities would investigate Le Monde’s report, and if the targeting is proven, it would be “extremely grave.”
Le Monde quoted NSO as saying the French president was never targeted by its clients.
NSO Group denied that it ever maintained “a list of potential, past or existing targets.” It called the Forbidden Stories report “full of wrong assumptions and uncorroborated theories.”
The source of the leak — and how it was authenticated – was not disclosed. While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it believed the data indicated potential targets of NSO’s government clients.
The Paris prosecutor’s office said in a statement that it opened an investigation into a raft of potential charges, including violation of privacy, illegal use of data and illegally selling spyware.
As is common under French law, the investigation doesn’t name a suspected perpetrator but is aimed at determining who might eventually be sent to trial. It was prompted by a legal complaint by two journalists and French investigative website Mediapart.