Pegasus phone spyware used to target 30 Thai activists, cyber watchdogs say

The word Pegasus and binary code are displayed on a smartphone which is placed on a keyboard in this illustration taken May 4, 2022. REUTERS/Dado Ruvic/Illustration/File Photo

BANGKOK, July 18 (Reuters) - At least 30 political activists in Thailand have been hacked using Israeli surveillance spyware Pegasus, according to a joint investigation by human rights and cyber monitoring groups, which suspect the attacks were launched locally.

The probe by Thai human rights group iLaw, Southeast Asian internet watchdog Digital Reach and Toronto-based Citizen Lab, followed a mass alert from Apple Inc (AAPL.O) in November informing thousands of iPhone users, including in Thailand, that they were targets of "state-sponsored attackers". read more

Pegasus has been used by governments to spy on journalists, activists, and dissidents and the Israeli firm behind it, NSO Group, has been sued by Apple and placed on a U.S. trade blacklist.

iLaw in its report on Monday said 24 political activists, three academics and three members of civil society groups were targeted between October 2020 and November 2021, ranging from one to 14 hacking incidents each.

Yingcheep Atchanont, programme manager at iLaw, was among those hacked and said his group would investigate further, and pursue legal action once it becomes clear who in Thailand was operating Pegasus.

"NSO has said that they only sell the software to governments and that all the victims here are Thai government critics, so they benefited the most," he said.

NSO Group and a spokesperson for Thailand's government did not immediately respond to requests for comment.

Wetang Phuangsup, a spokesperson for Thailand's ministry of Digital Economy and Society, said his ministry was not aware of any usage of spyware by the government.

Citizen Lab's report, which was separate to that of iLaw, examined digital traces left in the victims' phones and identified Pegasus usage in Thailand as far back as May 2014.

John Scott-Railton, a Citizen Lab researcher, said the investigation showed Pegasus was being operated in Thailand, with many more hacking victims likely.

"What we uncovered is a lot of targeting of dozens of people over a specific time frame, but having done investigation into Pegasus... over the decade, I am confident that it is the tip of the iceberg," he said in an online presentation on Monday.

Reporting by Panu Wongcha-um; Editing by Martin Petty

Our Standards: The Thomson Reuters Trust Principles.