In a case that some may regard as “cultural appropriation” from its cousin north of the border, the Mexican government has been caught attempting to illegally hack phones through the use of a coordinated malware campaign that targeted journalists, lawyers and political activists.

The campaign, as detailed in a joint report from R3D, SocialTic, Article 19 and CitizenLab, involved the Mexican government using NSO Group, the Israel-based “cyberwar” company reportedly owned by American venture capital firm Francisco Partners Management. The company sent “phishing” text messages to targets to fool them into thinking they were from the US Embassy’s visa division, Amber Alerts or, in one case, a bereaved friend sending details of a funeral. Those texts attempted to install malware that would allow the government to monitor the target’s phones.

Interestingly, the malware being used wasn’t Android-exclusive. It also infected Apple Inc. devices by using “Trident,” a chain of iOS exploits related to the YiSpincter iPhone malware that was first revealed in October 2015.

NSO Group itself has previously been linked to a hacking campaign against, among others, United Arab Emirates-based human rights defender Ahmed Mansoor, who was targeted by a phishing SMS message that resulted in Apple releasing a security patch in August last year. Clearly NSO Group has now either discovered more iOS exploits or Apple was unsuccessful in patching all the vulnerabilities.

According to The New York Times, the hacking services offered by NSO Group do not come cheaply. The paper claimed that three Mexican government departments have spent $80 million on services from the company since 2011 and that payment for services remains ongoing.

The same report noted that it’s unclear whether the Mexican government departments received any legal authorization for the campaign. One expert said it’s unlikely such a request would be approved by a judge.

Photo: Pixabay