Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Spain: 2021 Spyware Attack Targeted Prime Minister’s Phone

Spanish officials said Monday that the cellphones of the prime minister and the defense minister were infected last year with Pegasus spyware that is only available to government agencies in an unauthorized operation.

Spanish officials said Monday that the cellphones of the prime minister and the defense minister were infected last year with Pegasus spyware that is only available to government agencies in an unauthorized operation.

Prime Minister Pedro Sánchez’s mobile phone was breached twice in May 2021, and Defense Minister Margarita Robles’ device was targeted once the following month, Presidency Minister Félix Bolaños said Monday in a hastily convened news conference.

He said the breaches resulted in a significant amount of data being obtained, and that reports detailing the hacking have been transferred to Spain’s National Court for further investigation.

“We have no doubt that this is an illicit, unauthorized intervention,” Bolaños said. “It comes from outside state organisms and it didn’t have judicial authorization.”

Spain’s Socialist-led government is under pressure to explain why the cellphones of dozens of people connected to the separatist movement in the northeastern Catalonia region were infected with Pegasus between 2017 and 2020, according to Citizen Lab, a cybersecurity group of experts affiliated with the University of Toronto.

The revelations involve at least 65 people, including elected officials, lawyers and activists, targeted with the software of two Israeli companies, Candiru and NSO Group, the developer of Pegasus.

The spyware silently infiltrates phones or other devices to harvest data and potentially spy on their owners.

The regional Catalan government has accused Spain’s National Intelligence Center, or CNI, of spying on separatists, and declared that relations with national authorities were “on hold” until full explanations are offered and those responsible are punished.

The conservative Popular Party, or PP, was in office in 2017, when Catalan separatists declared independence following an unauthorized referendum, although no further action was taken to execute the declaration. PP remained in power until mid-2018, when they were ousted by Sánchez in a parliamentary vote.

ERC, the main political party in Catalonia and a crucial ally of the government has called for the resignation of Robles, the defense minister. But the spying scandal has left them exposed to the pressure of more radical separatists, who are calling on ending the support for Sánchez’s left-to-center coalition in the national parliament.

The central government has attempted to temper their concerns with pledges of full transparency, announcements of plans for an internal probe by the country’s intelligence agency, and a separate investigation by Spain’s ombudsman.

A special parliamentary commission on state secrets has also been established and the head of CNI is expected to be questioned by lawmakers later this week, although discussions around state security issues are not meant to be publicized.

Related: Secretive Israeli Exploit Company Behind Wave of Zero-Day Exploits

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Cybercrime

Spanish Court agreed to extradite Joseph James O’Connor to he U.S., who allegedly took part in the July 2020 hacking of Twitter accounts of...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...