Beirut, February 1, 2024 – The Committee to Protect Journalists is highly alarmed by the targeting of journalists with Pegasus spyware in Jordan and repeats its calls for an immediate moratorium on the sale, transfer, and use of such surveillance technologies, as well as a ban on spyware and its vendors that facilitate human rights abuses, and urges Jordanian authorities to investigate its use in the country.
Between 2020 and 2023, at least 16 journalists and media workers in Jordan were targeted by Pegasus spyware, along with 19 other individuals, including activists, lawyers, and civil society members, according to a new joint investigation published on Thursday by rights group Access Now, University of Toronto-based research group Citizen Lab, and other partners. Four of the journalists named in the report, Hosam Gharaibeh, Rana Sabbagh, Lara Dihmis, and Daoud Kuttab, told CPJ in interviews that they believe they were targeted due to their journalistic work. The report does not name the source of the attacks.
Access Now’s report does not name the other 12 journalists and media workers, and CPJ was unable to immediately identify them. Previously, in 2022, CPJ called for an investigation into the use of Pegasus spyware on two Jordanian journalists, including Suhair Jaradat.
“The new revelations that journalists and media workers in Jordan have been targeted with Pegasus spyware underscores the need for an immediate moratorium on the use and sale of this technology, and a ban on vendors facilitating abuses,” said Sherif Mansour, CPJ’s Middle East and North Africa program coordinator, in Washington, D.C. “Journalists are not legitimate surveillance targets, and those responsible for these attacks should be held accountable.”
According to the report, phones belonging to Sabbagh and Dihmis, who cover the Middle East and North Africa as a senior editor and an investigative reporter, respectively, at the Organized Crime and Corruption Reporting Project (OCCRP), were targeted with Pegasus spyware.
“What bothered me most was the impact of the surveillance on my sources, and friends, and relatives,” said Sabbagh, who is also the co-founder of Arab Reporters for Investigative Journalism. “Because of the nature of OCCRP’s work, it is a principal target for surveillance agencies. They wish to keep crime and criminality hidden. We work to expose it. And with this type of work comes a very high price.”
Dihimis called the revelation “quite the violation,” adding that “as a journalist, it was a reminder of the importance of being cautious in terms of secure communication — to protect yourself but also your sources and colleagues. As a person, it spurred a lot of paranoia,” she added.
Kuttab, a Palestinian-American journalist based in Jordan and a 1996 recipient of CPJ’s International Press Freedom Award, was targeted by Pegasus spyware multiple times, according to the report.
On March 8, 2022, two weeks after the first incident, Kuttab was arrested when he arrived at Queen Alia International Airport outside of Jordan’s capital, Amman. He was detained under the Cybercrime Law for an article written in 2019 and was released a few hours later on bail, the report said.
The report detailed seven other attempts to infect Kuttabʼs mobile device with Pegasus, including a 2023 attempt in which the attacker impersonated a journalist from media outlet The Cradle asking questions about Jordanʼs cybercrime law while sending malicious links.
“I will not be intimidated, and I will not censor myself,” Kuttab told CPJ. “It is highly irritating to be spied on, but that also comes with the job nowadays. Whatever I know, I publish, but my only concern is my sources and their protection.”
Gharaibeh, director of Jordan’s Radio Husna, and the host of its morning talking show, was targeted successfully multiple times and there were also several failed attempts to infiltrate his phone, the report said.
When asked by CPJ about the apparent reason behind the recurrent attacks, Gharaibeh said that “it could be anything from monitoring the journalists and their sources to exploiting the journalists and silencing them.”
According to Access Now, the victims in the report were targeted using Pegasus with both zero-click attacks, in which spyware takes over a phone without the user’s knowledge, and attacks in which a user has to click a link.
CPJ has documented the use of Pegasus to target journalists around the world in order to monitor their phones’ cameras, microphones, emails, texts, and calls. Journalists have been targeted with the software in Jordan, Morocco, the United Arab Emirates, and Saudi Arabia, among other countries.
NSO Group, an Israeli company that developed and licenses Pegasus spyware, told CPJ via email that it “cannot confirm or deny which government agencies use our technology,” adding that “NSO Group…is strongly committed to avoiding causing, contributing to, or being directly linked to negative human rights impacts.” NSO added that “we have approached Access Now to request additional information that will enable us to investigate and evaluate the concerns raised in the publication.”
NSO Group says it only licenses its Pegasus spyware to government agencies investigating crime and terrorism.
CPJ offers guidance for journalists and newsrooms on spyware targeting and general digital safety.
Editor’s note: This report has been updated to add a reply from NSO Group.