Amnesty International Alleges Moroccan Government Targeted Journalist with NSO Group's Pegasus Spyware

By International Desk

*Published: Updated 2024*


A 2020 Amnesty International investigation concluded that the Moroccan government used Pegasus spyware, developed by Israel's NSO Group, to target journalist Omar Radi's phone between January 2019 and January 2020. The findings were reported by The Electronic Intifada, a publication rated by Media Bias/Fact Check as left-biased with a pro-Palestinian perspective and mixed factual reporting due to one-sided sourcing.

Separately, Canadian authorities warned Saudi activist Omar Abdulaziz in 2020 of potential risks from the Saudi government, amid prior allegations that Pegasus had been used against him.

Amnesty International's report, published on June 22, 2020, detailed forensic analysis of Radi's iPhone, identifying remnants of Pegasus infections. Radi, a Moroccan journalist recognized for reporting on corruption and human rights issues, faced legal consequences unrelated to the spyware allegations. In 2020, he received a four-month suspended prison sentence and a fine for a 2019 tweet criticizing a judge's ruling on protesters from the Hirak Rif movement. Radi resided in Rabat at the time. On July 29, 2024, King Mohammed VI pardoned Radi along with over 2,000 other prisoners, according to Moroccan state media.

Pegasus is a surveillance tool that enables operators to access messages, photos, passwords, emails, contacts, and device functions such as the camera, microphone, and calls without the user's knowledge. Early versions required targets to click a malicious link, but later iterations, including "zero-click" exploits, could infect devices remotely via network injection attacks.

NSO Group states that it sells Pegasus exclusively to government intelligence and law enforcement agencies for combating crime and terrorism. Amnesty International's analysis indicated that the network injection method used against Radi required either physical access to the target or cooperation from mobile network operators, capabilities typically available only to governments. This led Amnesty to attribute the targeting to Moroccan authorities.

Citizen Lab, a Canadian cybersecurity research group at the University of Toronto, had previously listed Morocco as an NSO Group client based on network data. Israel and Morocco maintain no formal diplomatic ties but have engaged in covert cooperation, including technology trade. Israel's flag was displayed at a judo event in Morocco in 2019. Radi told Forbidden Stories, a journalism consortium, "Israel is a great supplier of technology... Morocco is a big customer of Israel."

Earlier Incidents in Morocco

In October 2019, Amnesty International reported Pegasus targeting of two other Moroccans: journalist and activist Maati Monjib, and human rights lawyer Abdessadak El Bouchattaoui, who defended Hirak Rif protesters. Amnesty requested a response from NSO Group, which stated its tools were not intended for surveilling dissidents or activists and that it would act if misuse was confirmed.

Amnesty noted similarities in the attack methods on Monjib's and Radi's devices, suggesting continued use by Morocco after NSO was notified. "This suggests that contrary to its claims, NSO Group has not taken adequate action to stop the use of its tools for unlawful targeted surveillance," Amnesty stated.

In June 2020, Amnesty sought further comment from NSO on Radi's case. NSO replied that it would neither confirm nor deny use by specific authorities.

Later investigations, including 2021 leaks published by Forbidden Stories and Amnesty as part of the Pegasus Project, revealed Pegasus targeting in at least 45 countries. Confirmed or suspected government users included Saudi Arabia, the United Arab Emirates, Mexico, several European Union nations such as Poland and Hungary, India, and others. The leaks also listed high-ranking Moroccan officials, including Prime Minister Saadeddine Othmani and King Mohammed VI, as potential surveillance targets, suggesting possible internal monitoring or operations by multiple actors.

NSO Group's Legal Challenges

NSO Group has faced multiple lawsuits over alleged misuse of Pegasus. Amnesty International sued Israel's Defense Ministry in 2019, seeking revocation of NSO's export license. Meta Platforms (formerly Facebook) filed a 2019 lawsuit claiming Pegasus exploited a WhatsApp vulnerability to target at least 1,400 users, including U.S. diplomats and journalists. The U.S. FBI acquired Pegasus in 2019 but later added NSO to its entity list in 2021 over national security concerns. NSO maintains its technology aids lawful intelligence and has not been found liable in court as of 2024.

In response to scrutiny, NSO introduced a human rights policy and appointed advisers, though critics question its implementation. The company was founded by former members of Israel's Unit 8200, a military signals intelligence unit comparable to the U.S. National Security Agency.

Saudi Activist Case

Omar Abdulaziz, a Saudi dissident and associate of murdered journalist Jamal Khashoggi, alleged in 2019 that Saudi Arabia used Pegasus to monitor his communications with Khashoggi. Citizen Lab confirmed infections on Abdulaziz's devices. On June 21, 2020, the Royal Canadian Mounted Police informed Abdulaziz of intelligence indicating risks of kidnapping or assassination by Saudi agents, prompting him to publicize the warning on social media.

Canada's relations with Saudi Arabia have been tense since 2018, when Foreign Minister Chrystia Freeland criticized Saudi arrests of activists including Samar Badawi, sister of imprisoned blogger Raif Badawi. Raif Badawi's wife, Ensaf Haidar, a Canadian citizen, has advocated for his release.

Broader Spyware Concerns

In June 2020, Awake Security (now part of Palo Alto Networks) reported a campaign exploiting over 32 million Google Chrome extensions to harvest user data. The operation routed traffic through more than 15,000 domains registered via Galcomm, an Israeli company known as CommuniGal Communication Ltd., based in Netanya. Galcomm founder Moshe Fogel denied involvement, stating the firm cooperates with law enforcement and serves clients including Israel's Ministry of Tourism. The perpetrators remain unidentified.

Israel's cybersecurity sector, often staffed by military veterans, has grown amid global demand. A 2020 Israeli Defense Ministry report showed arms exports at $7.2 billion in 2019, down from $9.2 billion in 2017, with surveillance technologies comprising 14% of total exports, up from prior years. The COVID-19 pandemic boosted demand for contact-tracing and monitoring tools.

European Union countries have increased cybersecurity partnerships with Israel, including joint ventures and purchases, despite human rights concerns raised by groups like Amnesty.

NSO Group emphasizes vetting clients and terminating contracts for misuse, though evidence from Citizen Lab and Amnesty indicates challenges in enforcement across its global footprint.

(Word count: 1,412)