‘Abusive texts’ sparked discovery of suspected UAE-Saudi Aljazeera hack using Israel spyware: report

Al Jazeera’s IT team, who also examined the phone, found the same spyware on the phones of 35 other staff members.
3 min read
22 December, 2020
The attack is described as the largest phone hacking operation targeting a single organisation [Getty]

Threatening texts sent to a mobile phone used by an Aljazeera investigative programme led to the discovery of a suspected UAE-Saudi Arabia hacking operation, The Guardian reported.

The hacking operation used spyware from Israeli surveillance firm NSO to target dozens of staff at the Qatar-based broadcaster.

Tamer Almisshal, host of The Tip of Iceberg, received abusive messages and calls on a phone used by the Aljazeera programme in January, after it ran a teaser promoting an interview with the French special forces agent who led the operation to retake Mecca's Great Mosque after it was seized by militants in 1979.

Investigations of topics regarded sensitive by Emirati and Saudi authorities fuelled the states' demand that Qatar shut down Al Jazeera and The New Arab as part of a wider diplomatic feud between the countries.

"Through different applications I was getting threats against me personally – 'Don't talk about this story or you'll be like [the murdered Saudi journalist Jamal] Khashoggi' – even threats of hacking," Almishhal told The Guardian.

The hostile activity prompted him to ask Citizens Lab, the Canadian communications research group that unveiled the hacking operation in their Sunday report, to install a VPN on the phone to allow monitoring.

In June, days after The Tip of the Iceberg broadcasted an episode investigating BR Shetty, an Indian billionaire entrepreneur whose Emirati business empire imploded earlier this year, the investigative reporter said he received a call from Citizen Lab researchers telling him the phone had been compromised.

"My first question was, 'How?' I hadn't clicked on any [suspicious] link. They told me it was a zero click, meaning you can receive a phone call through an application on your phone, and even if you don’t reply, just by reaching your phone it can give you spyware," he said.

The phone that had been used to contact various parties in the UAE appeared to have been hacked by tools developed by Israel's NSO group, whose surveillance software is alleged by have been used in attacks attributed to Saudi Arabia and the UAE in the past, the Citizen's Lab report said.

Al Jazeera’s IT team, who also examined the phone, found the same spyware on the phones of another 35 staff members including producers, journalists, and executives.

Read also: Tech giants join Facebook battle against Israeli spyware company amid suspected UAE-Saudi Al-Jazeera hack

The attacks, which Citizen Lab described as the largest concentration of phone hacks targeting a single organisation, occured in July and August.

Researchers also said that the phone of Rania Dridi, a journalist from The New Arab's sister channel Al-Araby TV had been hacked at least six times between October 2019 and July 2020. 

Vulnerabillities in software developed by Apple iPhones were exploited for the hacking operations, with iMessages infecting targeted handsets without users taking any action – otherwise known as zero-click vulnerability.

Through push notifications alone, the malware instructed the phones to upload their content to servers linked to NSO, turning journalists' iPhones into powerful surveillance tools.

NSO's spyware has repeatedly been deployed by authoritarian government to hack journalists, lawyers, human rights defenders and dissidents.

Most notably, the spyware was implicated in the gruesome killing of Saudi journalist Jamal Khashoggi, who was murdered and dismembered in the Saudi consulate in Istanbul in 2018.

Agencies contributed to this report.

Follow us on FacebookTwitter and Instagram to stay connected