The phone of Hanan Elatr, the widow of Saudi journalist Jamal Khashoggi, was infected with Israeli company NSO Group’s Pegasus spyware by a United Arab Emirates (UAE) agency before he was murdered, The Washington Post reported on Tuesday. The revelation runs counter to NSO’s claims that Elatr was not a target after The Post revealed in July that phones of Khashoggi’s associates were targeted with the spyware before and after his death.
The report claims that Pegasus was placed on Elatr’s phone after she was confiscated and blindfolded by security agents at the Dubai airport in 2018 for interrogation. Moreover, a forensic analysis by Citizen Lab, a cyberspace research organisation, found that her phone was infected with the spyware within 72 seconds by Emirati authorities.
The analysis confirms that the plot to kill Khashoggi, who was a major critic of the Saudi government, had been planned for a long time and that several foreign actors other than Saudi Arabia were involved.
Khashoggi, who worked as a columnist for The Washington Post, was killed in 2018 after he entered the Saudi consulate in Istanbul to obtain paperwork to marry his Turkish fiancée Hatice Cengiz. The Saudi government, which initially denied any role in his murder, later claimed that he was killed by a team of rogue agents from the Kingdom.
In February, a US intelligence report released by the Biden administration accused Saudi Crown Prince Mohammed bin Salman (MBS) of approving Khashoggi’s assassination. The document said that MBS had “absolute control” of the Saudi security apparatus, which made it unlikely that Saudi officials could have carried out the killing without his authorisation.
Soon after, US Secretary of State Antony Blinken announced the “Khashoggi Ban,” a new directive aimed at imposing visa restriction policies on individuals engaging in “counter-dissident activities” on behalf of a foreign government. As part of this policy, the US government-imposed travel restrictions on 76 Saudi officials who are believed to have played a role in Khashoggi’s murder.
In July, The Post reported that Pegasus software was used to hack the phones of Elatr and Khashoggi’s fiancée Hatice Cengiz after he was slain. However, the NSO Group claimed that it had conducted a check of its client records and concluded that the spyware was not used to target Khashoggi and his wife’s phones.
Despite NSO’s claim, Israeli newspaper Haaretz claimed a month later that Gulf states, including Saudi Arabia, the UAE, Bahrain, and Oman, are major clients of the company and have used the spyware to monitor dissidents and crackdown on critics. In fact, the company has made hundreds of millions of dollars in profit from sales to its Gulf buyers.
The NSO Group has come under international criticism after reports emerged in July accusing it of selling the Pegasus spyware to countries, including authoritarian regimes, where it has been used to monitor and target politicians, journalists, lawyers, and human rights activists. Apart from Gulf countries, the spyware has been used to target people in India, Azerbaijan, Palestine, Kazakhstan, and other countries.