Catalan politics is always effervescent. And as if he lacked any reactive, a scandal broke out on Tuesday when the Catalan independence movement denounced that the President of Parliament, Roger Torrent, was spied on. And that he got a spyware by Whatsapp called Pegasus, than steal personal information and makes it available to third parties.
First things first: a spyware it is a “malicious” program, that is, it aims to inflict harm on the recipient (or target) when collecting personal information (phone contacts, chats, emails, geolocation, logs to websites, etc.) and has a particular way of entering: usually, without realizing it, we install it ourselves. They usually come “stuck” to the software or applications that we install.
The way of operating it has is to always stay in “background” This means that we do not see them explicitly, but to see them you must access the task managers of an operating system, and they can usually have names that make it difficult to identify them.
Unlike phishing, which is massively directed to any user to steal passwords and bank login data to steal credit card data, the spyware targets a target: a particular person to spy on you. And it does so in its four most common ways: adwares (misleading publications), tracking cookies (they record our browsing data), Trojans (they usually enter by emails) and system monitors (more advanced use).
Generally, in the case of Catalonia, to commit the person involved. A dynamic that has value in the field of political power games.
What is Pegasus and how it enters
Pegasus takes advantage of a Whastapp exploit. (AFP)
Pegasus is a program developed by NSO Group, an Israeli cybersecurity company, which had impressive propagation success. And WhatsApp was largely the gateway to Pegasus.
In May last year, Facebook’s proprietary messaging service warned that many of its users were in danger from spyware. The company itself recognized the exploit: The vulnerability in your system exploited by Pegasus.
Once installed, Pegasus accesses everything we have on the phone. If all: chats by WhatsApp, post from Gmail, conversations on Telegram, publications Facebook, Twitter, Skype, Zoom meeting records.
In addition, Pegasus can copy the passwords of the WiFi networks that we use, which becomes a huge vulnerability because from there they can access other devices that do not necessarily have Pegasus installed, but that being on the same network they already become accessible.
The espionage to which I have been subjected violates my right to privacy
Roger Torrent, President of the Catalan Parliament
Now, the question remains: why does a cybersecurity company develop such a program? The justification for its existence has to do with the “Fight against terrorism”. According to the NSO Group, its main clients are governments.
However, its use began to be exploited in the field of internal politics, beyond the national security issues of each country.
The Catalan case: Torrent, torrent
Roger Torrent at a press conference, this Tuesday, about the espionage to which he was subjected. (AFP)
Roger’s attack Torrent (curiously his last name matches the name of the most famous file sharing protocol, which often comes with spyware) was in 2019 and on his mobile phone. Pegasus took advantage of Whatsapp vulnerabilities to enter.
The revelation was released by research from Citizen Lab, the University of Toronto’s Cybersecurity Institute in Canada. And that information was collected by El País from Spain and The Guardian, from Great Britain.
“It is improper in a democracy for the state apparatus to illegally spy on political opponents. The espionage to which I have been subjected violates my right to privacy, the right to secrecy of communications and the right to be able to develop a political project ”, Torrent said. In Catalan and Spanish, without removing the chinstrap.
For worse, the Torrent phone he would not have been the only one spied on. The Minister of Digital Policies and Public Administration of the Generalitat of Catalonia appears on the list, Jordi Puigneró, and the technical director of the Consell per la República -the office that waves the independence flag in Belgium where former President Carles Puigdemont took refuge after the failed declaration of independence in 2017-, Sergi Miquel, the deputy from Esquerra and former candidate for mayor of Barcelona, Ernest Maragall, and the former deputy from the anti-CUP party, Anna Gabriel, who fled to Switzerland after the 2017 separatist attempt.
Jeff Bezos, another victim
Mohammed bin Salman and Jeff Bezos: a Pegasus spy scandal. (AP)
Pegasus’ problem is not new. Something similar had happened to Amazon CEO Jeff Bezos: he also got on WhatsApp. And he suffered serious extortion problems when he received a link on his phone from who he believed was the crown prince Saudi Mohammed bin Salman in 2018.
The consequences for Bezos were terrible, since his privacy was exposed and not only did he have to go out and explain, but the issue slipped into the middle of the billionaire divorce that still has to speak in Silicon Valley and the world.
While Catalan politics is also processing his divorce, Pegasus could complicate matters for the protagonists involved again.