French Government Ministers Bugged

The mobile phones of at least five French ministers and a diplomatic advisor to President Emmanuel Macron have been found to infected by the Israeli-made Pegasus spyware. The five ministers targeted are Education Minister Jean-Michel Blanquer, Territorial Cohesion Minister Jacqueline Gourault, Agriculture Minister Julien Denormandie, Housing Minister Emmanuelle Wargon and Overseas Territories Minister Sebastien Lecornu, Mediapart said.

This comes two months after it was revealed that the phone numbers of Macron, other government ministers and top French officials appeared in a leaked database being invesigated  by  journalists at Mediapart.

There is no evidence that the phones of the five cabinet members were successfully hacked, but the Mediapart allegations indicate that the devices were targeted with the powerful spyware known as Pegasus, which is made by NSO Group. The Israeli company is now at the center of an international spying scandal with suspicions that the Israeli government may also play a role.

Pegasus can switch on a phone’s camera or microphone and harvest its data, and was at the center of a storm in July after a list of about 50,000 potential surveillance targets worldwide including Heads of State became known. 

The NSO Group claims it has no connection to the leaked database and that the tens of thousands of numbers contained in the list are not the targets of NSO’s customers, which includes numerous governments around the world. It has also denied that Macron was ever targeted by Pegasus spyware and in a statement NSO Group said: “We stand by our previous statements regarding French government officials. They are not and have never been Pegasus targets. We won’t comment on anonymous source allegations.”

Although NSO Group say that the purpose of this powerful spyware is to investigate serious crime, not to target members of civil society, the Mediapart investigation has revealed that global clients of NSO Group have used their syware to hack human rights activists, journalists and lawyers. Forensic analysis of their devices at the end of July had revealed the presence of “suspect traces” of the spyware, according to a report by French state intelligence services.  

The alleged victims have not responded for requests to comment and some of them are understood  to have referred Mediapart investigators to France’s Secretariat-General for defence and national security (SGDSN), which also declined comment. The Élysée Palace also said it would not comment on “long and complex investigations which are still ongoing”.

In July, Le Monde newspaper reported that evidence of an attempted hacking was found on the phone of the former French  environment minister Francois de Rugy, with the attempt allegedly originating in Morocco and  Morocco's intelligence services were also accused of being behind the hacking of journalists in France.

The Israeli cybersecurity industry's exports were valued at $6.85 billion in 2020 and includes a number of world leading companies who have access to a trained talent pool from the nation's secretive military' intelligence units who are adept at transfering their know-how to the private sector.

France 24:      Mediapart:           TimesofIsrael:       Guardian:       TimesofIndia:     NPR:   Sada ElBalad

You Might Also Read: 

Apple's Emergency Patch For NSO Hack:

 

« Phishing Scam - Attackers Impersonate US Dept. of Transport
Medical Devices Need Better Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Centre for Secure Information Technologies (CSIT)

Centre for Secure Information Technologies (CSIT)

CSIT is a UK Innovation and Knowledge Centre (IKC) for secure information technologies. Our vision is to be a global innovation hub for cyber security.

CSA Events

CSA Events

Cloud Security Alliance conducts a series of conferences around the world. This listing provides a link to details of upcoming events.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Blockchain Firm

Blockchain Firm

Blockchain Firm is a leading Blockchain based software solutions and service provider with our roots of expertise running deep into the technology.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

Fluid Attacks

Fluid Attacks

Fluid Attacks specialize in red team operations as well as technology development that continuously enhance our security testing services.

Drata

Drata

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining workflows to ensure audit-readiness.

SecurelyShare Software

SecurelyShare Software

SecurelyShare Software is a security software company, specializing in data security, data privacy and data governance.

Bright Security

Bright Security

Bright Security is a developer-centric Dynamic Application Security Testing (DAST) solution that helps organizations ship secure applications and APIs quickly and cost-effectively.

Xobee Networks

Xobee Networks

Xobee Networks is a Managed Service Provider of innovative, cost-effective, and cutting-edge technology solutions in California.

National Information and Cybersecurity Council (NICC)

National Information and Cybersecurity Council (NICC)

National Information and Cybersecurity Council is a leading collaborative effort between Government of India and Industry to raise Cybersecurity awareness nationally.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.

Sardine

Sardine

Sardine is a leader in financial crime prevention. Using unparalleled device intelligence and behavior biometrics, Sardine applies machine learning to detect and stop fraud before it happens.

Aliro Security

Aliro Security

AliroNet is the world’s first entanglement Advanced Secure Network solution.

ZENDATA

ZENDATA

ZENDATA are an innovative provider of intelligent, tailored cybersecurity solutions to global companies and public sector institutions.