“Pegasus project”: in Poland, entourage of one of main elected representatives of opposition under surveillance

Senator Krzysztof Brejza’s father and assistant have been targeted by NSO Group’s spyware.

by and

The Polish Senator Krzysztof Brejza, who organized in 2019 the main opposition party campaign, the civic platform, was not an isolated target of Spy PEGASUS software: his father, the Mayor of Inowroclaw, Ryszard Brejza, and his assistant, Magdalena Losko, were also targeted in multiple times by messages seeking to infect their phones, reveal the Polish daily Gazeta Wyborcza and the German Weekly Die Zeit, in collaboration with the media of the “Pegasus project. “, coordinated by Forbidden Stories.

Krzysztof Brejza is a major figure of the opposition. At the end of December, the American press agency Associated Press had revealed that he had received dozens of messages trapped in 2019 , a technical analysis led by the Citizen Lab of Toronto had made it possible to link to the attack infrastructure of Pegasus. Once installed on a phone, this very powerful spyware not only listen to conversations and access real-time geolocation, but also download all the history of messages contained on the phone, including those exchanged via secured applications like signal or whatsapp.

m. Brezza, just like his father and M me Losko, uses Android phones, on which traces of Pegasus are almost impossible to detect. The analysis by the Security Lab of Amnesty International, however, has allowed to find dozens of SMS trapped, sent shortly after the phone numbers of these people were selected for a potential targeting by the Polish client of NSO Group, like show it the data of the “Pegasus project”. The phone of M me losko has been targeted while she managed the European election campaign.

Very sophisticated trap messages

Pegasus operators who targeted Mr. Brejza and his loved ones have pushed their hacking to a very advanced degree of personalization: not only the messages usurped very precisely the identity of companies, presenting for example as emanating from the ‘Telephone operator actually used by the targets, but they also contained personal information. One of the trapped SMS invited its target to consult a telephone invoice, and resumed the exact amount of the invoice actually sent to that person that month. The presence of these details suggests that the software’s targets in Poland have been subject to other forms of electronic monitoring.

You have 48.71% of this article to read. The rest is reserved for subscribers.

/Media reports.