The Royal Thai Police have denied using Pegasus spyware in any security operations to surveil people or violate their rights, a deputy spokesman for the national police said yesterday.
Pol Col Kissana Phathanacharoen spoke in response to media reports that 30 political activists in Thailand had been hacked using Israeli spy software Pegasus.
He said international security agencies and RTP’s international counterparts are always involved in security operations involving suspected criminal activities occurring overseas.
According to Pol Col Kissana, “The Royal Thai Police has never used spyware to violate anyone’s rights as suggested in Thai news reports and accusations made on social media.”
According to media reports, Pegasus spyware belongs to Israel-based NSO Group, which has been blacklisted from deals with US companies after a wave of revelations claiming its spyware was deployed against peaceful activists and their associates worldwide.
As a result of revelations by some human rights and cyber monitoring groups, it may have been used in Thailand to target government opponents.
Pegasus spyware attack
Human rights group iLaw, Southeast Asian internet watchdog Digital Reach and Toronto-based Citizen Lab have disclosed findings from their investigation conducted after Apple alerted thousands of iPhone users in November that they had been hacked.
Among the victims of the Pegasus spyware attack was Piyabutr Saengkanokkul, secretary-general of the Progressive Movement. He said this particular spyware was used in up to eight attempts at hacking his iPhone.
Attacks on the individuals’ devices allegedly took place from Oct. 2020 to Nov. 2021, during which pro-democracy protests were taking place across Thailand.
In November, Piyabutr thought that the e-mail he received from Apple informing him that he may be a target of state-sponsored attackers was just junk mail.
He later discovered that several political activists had also received similar warning emails from Apple Inc about a Pegasus spyware attack.
Spyware is highly effective against political groups
Pegasus spyware uses zero-click exploits, which means that it can be remotely installed onto a target’s phone without the target having to click any links or download any software.
Citizen Lab’s John Scott-Railton says the spyware is highly effective against political groups and movements because it can access contact lists and group chats.
Scott-Railton said Apple’s notifications about spyware infections are crucial to combating such digital surveillance.
The fact that Apple informed the recipients of this suspected targeting is remarkable. He said that the infection ended after Apple’s notification. “It had a significant impact.”
Cybersecurity experts say that turning off and restarting a device can disrupt the spyware’s digital connections. Additionally, security updates have closed the loopholes exploited by such attackers.