Two colleagues of murdered Sinaloa journalist Javier Valdez were targeted by repeated attempts to infect their mobile telephones with spyware, a new report based on a forensic analysis has revealed.

The Canadian research organization Citizen Lab said in a report published today that two days after Valdez was killed on May 15, 2017, Andrés Villarreal, a journalist and director of information at the Culiacán newspaper Río Doce, began receiving suspicious messages on his phone.

The first was disguised as a news alert, stating that the Jalisco New Generation Cartel (CJNG) was “responsible for the execution” of Valdez, who was a co-founder of Río Doce and a drug-trafficking reporter.

The message invited Villarreal to click a link to access the full story.

Had Villarreal clicked on the link, the Citizen Lab said, “his phone would have been turned into a digital spy in his pocket.”

The “news alert” was later determined to be a carefully crafted attempt to infect his phone with Pegasus spyware, which the federal Attorney General’s office (PGR) purchased in October 2014 for US $32 million.

The spyware infiltrates smartphones and monitors calls, texts, email and contacts and can use the device’s microphone and camera for surveillance.

Villarreal continued to receive attempts to compromise his phone for a week until the operator of the spyware selected a new target: Río Doce director Ismael Bojórquez.

Messages sent to both targets’ phones followed themes common to other cases of targeting, some of which had been publicly known for as long as eight months prior to Valdez’s death.

The messages were personalized and related to work and family issues. They included purportedly compromising romantic material, news alerts, and alarming billing notifications, the Citizen Lab said.

Both Villarreal and Bojórquez were aware of the reports about the abuse of Pegasus in Mexico and didn’t click any links contained in the suspicious messages they received.

According to the two men, officials from the Criminal Investigation Agency (AIC), a division of the PGR, had arrived in Culiacán immediately prior to the arrival of the messages as the agency had been given responsibility for the investigation into Valdez’s death.

One of the main suspects in the murder of the 50-year-old journalist was charged with homicide last week, the PGR said. One other man implicated in the crime has also been charged.

While research conducted by Citizen Lab has identified multiple current and previous Pegasus deployments in Mexico, the PGR is the only entity that has been publicly identified as a customer of NSO Group, an Israeli company that develops and sells the spyware.

“I believe they wanted to search our conversations and messages for clues to the murder of Javier, but we are absolutely against this,” Bojórquez told The New York Times.

“Nothing obtained illegally should be used in an investigation, and especially not from those who are involved professionally and emotionally to the victim.”

The current federal government bought the Pegasus spyware on the condition that it only be used to target terrorists and criminals.

But Citizen Lab, working with Mexican collaborators, has now identified a total of 24 individuals who are known to have been abusively targeted by the spyware in Mexico.

Other targets include journalist Carmen Aristegui and her young son, National Action Party (PAN) politicians, anti-corruption activists, lawyers working on a controversial multi-homicide case in Mexico City and some of those representing the families of 43 students who disappeared in Guerrero in 2014.

Citizen Lab said the targeting has another disturbing implication: “Pegasus spyware might have been used by officials covertly trying to ascertain just how much victims’ families, lawyers, and investigators knew about who was responsible for the crimes.”

After The New York Times published an exposé in June 2017 on the use of Pegasus against critics of the Mexican government, federal authorities denounced the surveillance and initiated an investigation into abuse of the spyware.

But the investigation has gone nowhere, The Times reported today. “Not a single individual has been punished for abusing the system.”

Source: The Citizen Lab (en), The New York Times (en) 





READ SOURCE

LEAVE A REPLY

Please enter your comment!
Please enter your name here