Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Spain: 2021 Spyware Attack Targeted Prime Minister’s Phone

Spanish officials said Monday that the cellphones of the prime minister and the defense minister were infected last year with Pegasus spyware that is only available to government agencies in an unauthorized operation.

Spanish officials said Monday that the cellphones of the prime minister and the defense minister were infected last year with Pegasus spyware that is only available to government agencies in an unauthorized operation.

Prime Minister Pedro Sánchez’s mobile phone was breached twice in May 2021, and Defense Minister Margarita Robles’ device was targeted once the following month, Presidency Minister Félix Bolaños said Monday in a hastily convened news conference.

He said the breaches resulted in a significant amount of data being obtained, and that reports detailing the hacking have been transferred to Spain’s National Court for further investigation.

“We have no doubt that this is an illicit, unauthorized intervention,” Bolaños said. “It comes from outside state organisms and it didn’t have judicial authorization.”

Spain’s Socialist-led government is under pressure to explain why the cellphones of dozens of people connected to the separatist movement in the northeastern Catalonia region were infected with Pegasus between 2017 and 2020, according to Citizen Lab, a cybersecurity group of experts affiliated with the University of Toronto.

The revelations involve at least 65 people, including elected officials, lawyers and activists, targeted with the software of two Israeli companies, Candiru and NSO Group, the developer of Pegasus.

The spyware silently infiltrates phones or other devices to harvest data and potentially spy on their owners.

Advertisement. Scroll to continue reading.

The regional Catalan government has accused Spain’s National Intelligence Center, or CNI, of spying on separatists, and declared that relations with national authorities were “on hold” until full explanations are offered and those responsible are punished.

The conservative Popular Party, or PP, was in office in 2017, when Catalan separatists declared independence following an unauthorized referendum, although no further action was taken to execute the declaration. PP remained in power until mid-2018, when they were ousted by Sánchez in a parliamentary vote.

ERC, the main political party in Catalonia and a crucial ally of the government has called for the resignation of Robles, the defense minister. But the spying scandal has left them exposed to the pressure of more radical separatists, who are calling on ending the support for Sánchez’s left-to-center coalition in the national parliament.

The central government has attempted to temper their concerns with pledges of full transparency, announcements of plans for an internal probe by the country’s intelligence agency, and a separate investigation by Spain’s ombudsman.

A special parliamentary commission on state secrets has also been established and the head of CNI is expected to be questioned by lawmakers later this week, although discussions around state security issues are not meant to be publicized.

Related: Secretive Israeli Exploit Company Behind Wave of Zero-Day Exploits

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Cybercrime

Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...