Colombian President Gustavo Petro said on Thursday that the previous administration of Iván Duque had bought Pegasus, an Israeli spy software that has been blacklisted by the US, for $11 million in mid-2021.
According to the president’s telecast, the information was sent to him by Luis Eduardo Llinas Chia, director of the Financial Information and Analysis Unit (UIAF) on August 27, 2024.
However, Petro explained that he had been advised not to make the information public without written consent from the Israeli Financial Intelligence Unit (IMPA).
“Because I am the president and do not abide by diplomatic relations with Israel at the moment as a result of the situation in Gaza, I retract this ban and will share the contents of this letter,” he said.
According to Petro, between July and August 2021, an Israeli bank filed an unusual activity report after receiving a cash deposit of $5.5 million to the account of NSO Group Technologies Limited, the owners of Pegasus.
One such payment was related to an $11 million deal between NSO Group Technologies Limited and the Colombian Police Intelligence Unit (DIPOL) for the purchase of Pegasus software. The remaining $5.5 million was paid in September 2021.
“I decided to ask for information when various magistrates started talking about interference, and especially after, 15 days before the end of my presidential campaign, the media tried to transform the poll results against me with information they could have obtained from illegal wiretapping . President Petro declared.
The president questioned how such a sum of money had left government offices for the purchase of software “that spies on mobile phones and private communications”.
“Who else was tapped? What court order did they have, as the Constitution mandates, that such wiretapping was not illegal? Where did the money come from? Why was it not formalized in the national budget?” he asked.
Immediately after the broadcast of Petros, the Prosecutor’s Office issued a statement announcing the launch of an investigation “to establish the truth and eventual identification of those responsible for the possible illegal purchase and use of the Pegasus spy software by DIPOL”.
Additionally, the investigation seeks to determine whether the police still have access to Pegasus and under what legal restrictions it is used.
Ernesto Macías Tovar, former president of Congress, stated that President Petro’s announcement is a smokescreen because “a government cannot make transactions with cash; less for another government”. This was reposted on X by former president Iván Duque, who has yet to issue a statement of his own.
The United Nations Human Rights Office in Colombia stated, “the use of Pegasus seriously violates the rights to privacy, freedom of expression and association, among other human rights.”
NSO Group Technologies Limited and Pegasus
NSO Group develops technology to help government agencies detect and prevent terrorism and crime, according to their website. According to the company, their products are used exclusively by government intelligence and law enforcement agencies to fight crime and terror. One of these products is Pegasus.
The earliest version of the software was discovered by researchers in 2016 when they discovered infected mobile phones, according to custody.
The NSO came under fire in 2021 after a massive data leak revealed that Pegasus had been used to target activists, journalists and political leaders globally, according to Amnesty International. Project Pegasus, a collaboration of more than 80 journalists from 17 media organizations in 10 countries, conducted forensic tests on mobile phones to identify traces of spyware.
“These revelations refute any claims by NSO that such attacks are rare and due to the fraudulent use of their technology… They present an appearance of legitimacy while profiting from widespread human rights abuses,” Amnesty International said at the time.
“These revelations refute any claims by NSO that such attacks are rare and due to the fraudulent use of their technology… They present an appearance of legitimacy while profiting from widespread human rights abuses,” Amnesty International said at the time.
Pegasus can be installed on a phone through vulnerabilities in apps or by tricking a target into clicking a malicious link. Once installed, the software can collect any data from a device and transmit it to the attacker, including text messages, photos and data obtained by activating the phone’s camera or microphone, according to The Guardian.
According to the newspaper, the NSO’s response to Project Pegasus denied all claims, labeling them as misleading interpretations of data derived from the available baseline information.
