Pegasus spyware attacks in Mexico continued under Lopez Obrador -report

FILE PHOTO: Illustration shows the word Pegasus and binary code

By Daina Beth Solomon

MEXICO CITY (Reuters) - Phones of at least three human rights investigators in Mexico were infected with Pegasus during the term of President Andres Manuel Lopez Obrador despite his goverment's assertions that it would stop using the controversial spyware, a report on Sunday found.

Lopez Obrador, who took office in late 2018, vowed to halt the use of the technology after a scandal erupted around its deployment during the presidency of his predecessor.

The spyware, which can be used to remotely break into phones, providing access into their memory or turning them into recording devices, is typically only sold to governments and law enforcement.

Researchers at Citizen Lab, a digital watchdog group at the University of Toronto's Munk School of Global Affairs and Public Policy, analyzed phones belonging to two journalists and a human rights activist, detecting the devices had been infected between 2019 and 2021 with Pegasus, which belongs to Israeli spyware firm NSO Group.

Their findings were published in a report by Mexican digital rights advocacy group R3D, which noted the three victims had documented alleged human rights abuses by Mexico's armed forces.

Representatives for Lopez Obrador and the defense ministry did not immediately respond to requests for comment.

Lopez Obrador in 2021 said there was "no longer any relation" with Pegasus, and Mexico's financial crimes chief at the time said the administration had not signed contracts with companies used to procure the software.

NSO Group said it could not verify the Citizen Lab findings without seeing detailed data, and that it terminates contracts when it finds wrongdoing.

The use of Pegasus by Mexico's government was previously detected by Citizen Lab in 2017 under former President Enrique Pena Nieto, sparking alarm about the lengths to which officials would go to monitor politicians, journalists and activists, including people critical of the administration.

The alleged ongoing use of Pegasus raises fresh questions about whether Lopez Obrador has lived up to his pledge to not spy on opponents. It also deepens concerns about the burden journalists and human rights defenders must bear in a country where they have long been under attack.

According to Citizen Lab and R3D, activist Raymundo Ramos, who aids victims of alleged military abuses in the violent northern border state of Tamaulipas, was targeted by Pegasus in August and September 2020.

Journalist Ricardo Raphael, a columnist for news outlets Proceso and Milenio and a host on channel ADN40, had his phone targeted in October and November 2019 and December 2020, the researchers found.

They also detected that a phone belonging to a journalist at news outlet Animal Politico, who requested anonymity, was infected in 2021.

Ramos told Reuters in an interview he had long suspected the government of spying on him. Since learning of the Pegasus attack, he began taking further measures to protect his privacy, opting to have sensitive conversations in person, and even then, leaving his cell phone in another location.

"I am on high alert," Ramos said. "This isn't just any hacker ... Someone has set their sights on you."

Read more:

Pegasus phone spyware used to target 30 Thai activists

Spanish prime minister's mobile phone infected by Pegasus spyware

(Reporting by Daina Beth Solomon and Julia Love; Additional reporting by Christopher Bing in Washington and Lizbeth Diaz in Mexico City; Editing by Lisa Shumaker)