Emmanuel Macron and Alexandre Benalla (and many others) targeted by Morocco via the Pegasus malware

French media report that the Moroccan authorities used this malware in 2019 to target the smartphones of Emmanuel Macron and … Alexandre Benalla, among others.

Emmanuel Macron is perhaps the most connected French president, using productivity applications, for example, to follow the progress of the work of his ministers.

Like many politicians, Emmanuel Macron also uses encrypted instant messaging applications such as Telegram or WhatsApp. And all on smartphones used by you and me. In short, he is a “normal” president from the point of view of his digital uses.

Emmanuel Macron’s phone number had long been leaked

A normality that gives buttons to Guillaume Poupard, the big boss of Anssi (National Agency for the Security of Information Systems). This agency, like the DGSI (General Directorate of Internal Security), must regularly persuade high-level political decision-makers to turn away from iPhones and Android smartphones to adopt Teorem or Cryptosmart phones, which are very secure, but whose application possibilities are obviously very constrained.

France TV reports that in March 2019 an intelligence agency in Morocco, a client of the NSO company and user of Pegasus, entered one of the numbers of the French head of state in its spyware.

A number that even had “leaked” between the two rounds of the 2017 presidential election with the “Macronleaks”. A phone number that Emmanuel Macron continued to use once at the Elysee Palace.

Macron, Benalla, Philippe, and 14 ministers

However, it is impossible to know if the smartphone of the French president was actually hacked. Because to our knowledge, the smartphone that carried the pirated SIM card has not been appraised. It seems that the Elysee Palace has requested verifications from the State services, and is taking the matter seriously, without commenting on it.

The smartphone of the Prime Minister at the time, Edouard Philippe, and fourteen ministers then in office were also selected for possible surveillance by spyware mentions Le Monde.

According to information from France Info, Alexandre Benalla detected an intrusion into his smartphone in 2020, without knowing at this time whether it was indeed Pegasus.

After journalists, politicians

This is the first time that Morocco, a country “friend” of France, has been caught up in the bag. At the time of the Macronleaks, Russia had been singled out. A few years earlier, the United States had also spied on the French leaders, elements made public by Edward Snowden.

The reason for this aggression would be the chaotic geopolitical relationship maintained by Paris, Rabat and Algiers.

In the middle of the day, an investigation was entrusted to the Paris prosecutor’s office following a complaint from the Mediapart press site filed on Monday. The editor-in-chief of this media, Edwy Plenel and other journalists, were reportedly spied on by the Moroccan intelligence services also via Pegasus.

The investigation was entrusted to the Central Office for the Fight against Crime Related to Information and Communication Technologies (OCLCTIC) of the Central Directorate of the Judicial Police (DCPJ).

On the front of the computing resources used by NSO, the publisher of the spyware Pegasus, Amazon announced to stop offering Cloudfront, its service of CDN, to distribute its software.

Who is NSO, the designer of Pegasus?

NSO is an Israeli company, founded by three engineers, which has been providing interception and surveillance software to governments for over 10 years. These tools are used both by law enforcement and intelligence services, officially to fight terrorism and organized crime.

But the investigation by the Forbidden Stories journalist consortium shows that the Pegasus software marketed by NSO is also used by its clients to target journalists, media executives and political opponents.

A list of 50,000 phone numbers potentially targeted by Pegasus was made public on Sunday, including 1,000 French victims.

Morocco, but also Hungary, and some fifty countries, are customers of NSO and use Pegasus, including India, Rwanda, the United Arab Emirates and Mexico.

How does Pegasus, the spyware targeting French politicians, work?

Pegasus is sophisticated spyware that NSO regularly upgrades. This malicious software targets Android and iPhone smartphones, and aims at complete device compromise.

The latest versions of Pegasus feature attacks that do not require user interaction. It is capable of compromising the target’s phone by sending a message on iPhone 12 Pro Max phones running iOS 14.6, and on a new edition iPhone SE running iOS version 14.4. Either way, these compromises exploit zero-day vulnerabilities and do not require user interaction to be exploited, the researchers found.

Once the device is compromised, Pegasus operators are able to take control of the device remotely and thus record calls, view victim’s messages or data stored on the phone, or even back up the phone. ” turn on the camera and the microphone of the device in order to spy on a room.

Back to top button