Connect with us

Hi, what are you looking for?



Rights Group Verifies Polish Senator Was Hacked With Spyware

Amnesty International said Thursday it has independently confirmed that powerful spyware from the Israeli surveillance software maker NSO Group was used to hack a Polish senator multiple times in 2019 when he was running the opposition’s parliamentary election campaign.

Amnesty International said Thursday it has independently confirmed that powerful spyware from the Israeli surveillance software maker NSO Group was used to hack a Polish senator multiple times in 2019 when he was running the opposition’s parliamentary election campaign.

The Associated Press reported last month that Citizen Lab, an internet watchdog group at the University of Toronto, found that the senator, Krzysztof Brejza, and two other Polish government critics were hacked with NSO’s Pegasus spyware.

Dozens of high-profile cases of Pegasus abuse have been uncovered since 2015, many by a global media consortium last year, with the NSO Group malware employed to eavesdrop on journalists, politicians, diplomats, lawyers and human rights activists from the Middle East to Mexico.

The Polish hacks are considered particularly egregious because they occurred not in a repressive autocracy but a European Union member state.

The revelations have rocked Poland, drawing comparisons to the 1970s Watergate scandal in the United States and eliciting calls for an investigation and accountability. Although neither Citizen Lab nor Amnesty International determined who was behind the hacks, the victims all blame Poland’s right-wing ruling party, Law and Justice.

[ ReadApple Slaps Lawsuit on NSO Group Over Pegasus iOS Exploitation ]

Law and Justice leaders have denied knowledge of the hacks and at times mocked the reported findings while refusing to open an investigation.

Advertisement. Scroll to continue reading.

NSO Group does not identify its customers but says it only sells Pegasus to governments to fight terrorism and other serious crimes. The spyware allows its operators to vacuum up everything from instant messages and contacts to photos and to turn microphones and cameras into real-time spy tools.

Polish Prime Minister Mateusz Morawiecki has called the Citizen Lab-AP findings “fake news” and suggested a foreign intelligence service could have done the spying — an idea dismissed by critics who say no other government would have any interest in the three Polish targets.

John-Scott Railton, a senior researcher at Citizen Lab, said that “if (Polish government leaders) really believe this could be the action of a foreign service, it would be the height of irresponsibility not to investigate.”

The senator’s mobile phone was hacked with Pegasus 33 times in 2019, mostly while Brejza ran the opposition’s campaign to unseat the Law and Justice-led government, Citizen Lab determined last month.

Text messages stolen from Brejza’s phone were doctored and aired by state-controlled TV as part of a smear campaign in the heat of the race, which the populist ruling party went on to narrowly win. Brejza has compared the actions to the tactics used in Russia against Kremlin critic and opposition leader Alexei Navalny.

Donncha O’ Cearbhaill, an expert with Amnesty International’s Security Lab, said he confirmed Citizen Lab’s finding after receiving raw backups of Brejza’s phone from the Canadian researchers. Amnesty uses independently developed tools and methods for its forensic analysis.

Brejza told the AP he thinks the real victims of the hacking are Polish voters who were “deceived” by Law and Justice and “deprived of the right to fair elections.”

The other two Polish targets confirmed by Citizen Lab were Roman Giertych, a lawyer who represents opposition politicians in a number of politically sensitive cases, and Ewa Wrzosek, an independent-minded prosecutor.

Wrzosek formally asked the District Prosecutor’s Office in Warsaw last month to investigate the hacking of her phone. The office refused, justifying its decision by saying that Wrzosek refused to hand over her phone.

She said she did not relinquish the phone because she doesn’t trust the prosecutor’s office and wanted to participate in the evaluation of the device. “This is my right according to the law,” Wrzosek told the AP.

In November, Israeli financial newspaper Calcalist reported that the country’s Defense Ministry had significantly cut the list of countries to which Israeli-produced spyware could be exported. The newspaper did not say that Poland was one of the nations removed from the list, but it was not among the approved countries noted in the report.

Hungary, another European Union member where NSO Group’s Pegasus is confirmed to have been used against non-criminals, also was not on the shortened list.

The Israeli Defense Ministry has said called the Calcalist report inaccurate, without elaborating.

RelatedUS Puts New Controls on Israeli Spyware Company NSO Group

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...