Spanish prime minister’s iPhone infected by Pegasus spyware; defense minister, too
The Spanish prime minister’s iPhone was infected by NSO’s Pegasus spyware, says the government. Margarita Robles, Defense Minister was also infected by NSO’s Pegasus spyware. This attack is the latest among a series of highly publicized Pegasus attacks that have been revealed in the past few weeks.
While it is foreign governments who would most want to target phones belonging to most prime ministers, there’s another obvious suspect in the case of Spain …
Background
We’ve recently outlined the key things you need to know about Pegasus.
NSO group makes spyware known as Pegasus that is sold to law enforcement and government agencies. It purchases zero-day vulnerabilities from hackers. The software can mount zero-click exploits, where the target does not need to interact with it.
In particular, just receiving a specific iMessage – and not opening or interfacing with it in any other way – can allow an iPhone to become compromised. This could leave most of your personal information exposed.
Apple fixes vulnerabilities when they are discovered, and NSO buys details about new ones. Cupertino now actively monitors for indications that iPhones may have been compromised, and issues an alert to those who are affected.
Recent Pegasus attacks
The frequency of high-profile Pegasus attacks coming to light appears to be increasing – likely due to Apple alerting victims. :
has been hacked in the last few weeks.
- Pegasus hacked the iPhone of award-winning journalist, weeks after Apple’s injunction attempt
- Pegasus spyware hacked iPhones of senior EU officials, who were alerted by Apple
- Pegasus targeted US iPhones indirectly; device infected in British prime minister’s office; Catalans targeted in Spain
Spanish prime minister’s iPhone infected
Reuters reports on the latest revelation.
Spanish authorities have detected “Pegasus” spyware in the mobile phones of Prime Minister Pedro Sanchez [left, above] and Defence Minister Margarita Robles, the government minister for the presidency, Felix Bolanos, said on Monday.
The fact that many of these reports were discovered after the fact may suggest that Apple can retrospectively determine if an iPhone has been infected by Pegasus and when it occurred.
Bolanos told a news conference Sanchez’s phone was infected in May 2021 and at least one data leak occurred then.
9to5Mac’s Take
Generally, foreign governments would be the prime suspects, but in this case there is another obvious possibility. The Spanish government has been fighting for years with the semi-autonomous Catalonia community.
Catalonia held an independence referendum in 2017, with a 92. 01% vote in favor. The Spanish government declared that the referendum was unconstitutional and international observers stated that the vote was null because many people opposed to independence did not vote, as Spain’s political parties had made the decision illegal.
Tensions were further increased last month when it was revealed that the phones of at least 63 high-profile Catalans were attacked by Pegasus, the Spanish government being the obvious suspect. This case would naturally lead to a counterattack from Catalonia.
It is unclear if the semi-autonomous Catalan government body would be able to buy Pegasus. NSO asserts that only law enforcement agencies are eligible for sales. The company’s operations are so sketchy that it would not be able to give weight to any statements.
One thing is certain: The relationship between Catalonia and the Spanish government will not improve anytime soon.
Photo: Ministry of the Presidency/Government of Spain