Israel rejected requests from Ukraine and Estonia to purchase NSO’s Pegasus spyware out of concern for Israeli-Russian relations, The New York Times reported on Wednesday.
The NSO Group has been at the heart of a global hacking scandal, as researchers say its Pegasus software has been used by a number of governments around the world to target political dissidents, journalists and activists.
According to the Times, Ukraine attempted to purchase Pegasus after Russia’s invasion of Crimea in 2014, but Israel refused to grant licences to the NSO Group if the goal was to use the software against Russia.
In the case of Estonia, negotiations to purchase Pegasus began in 2018, and Israel at first authorised Estonia to have the system, apparently unaware that the country planned to use the technology to attack Russian phones.
But a year later, Israel’s defence ministry blocked Estonia from using the spyware on any Russian mobile number worldwide, after a senior Russian defence official contacted Israel security agencies, the Times reported.
Israel’s relationship with Russia has come under close scrutiny since Russia’s invasion of Ukraine, with Kyiv publicly criticising Israel’s government for offering only limited support.
During a virtual speech to Israel’s parliament on Sunday, Ukrainian President Volodymyr Zelensky criticised Israel for not providing Kyiv with the Iron Dome missile system and other defensive weapons.
Zelensky said: “You can mediate, but cannot mediate between good & evil. I could ask why we are not [receiving] protection from Israel. Why are we not getting your Iron Dome, that would protect the Jews of Ukraine? Why hasn’t Israel joined the sanction regime against Russia?”
So far, Israel has tried to strike a balance between supporting Ukraine and not irking Moscow, whose tacit approval it relies on to conduct air attacks against Iran and its proxies in Syria.
The New York Times’ report comes months after NSO was placed on a blacklist by the US Commerce Department, barring it from American technologies crucial to maintaining its operations.
In July, Forbidden Stories, Amnesty International and a group of international media organisations revealed that Pegasus had been used in hacks of smartphones belonging to journalists, government officials, human rights activists, and political leaders.
The investigative group revealed it had acquired a list of 50,000 phone numbers that appeared to be targets identified by the Israeli company’s clients to be spied upon using Pegasus.
Once deployed, a user of Pegasus can take complete control of a person’s phone, accessing messages, intercepting phone calls and using the phone as a remote listening device.
A forensic analysis showed that Middle East Eye’s Turkey bureau chief Ragip Soylu had his phone infected by Saudi Arabia, using Pegasus.
Amnesty said the software was active on Soylu’s phone between February and July 2021, infecting it via an iMessage.