The federal Attorney General (PGR) purchased the spyware suite Pegasus from a firm called Grupo Tech Bull, S.A. de C.V. for US $32 million on October 29, 2014, documents revealed yesterday.
The installation of the Pegasus espionage software on PGR equipment concluded the following month.
An investigation is now under way to determine how the spyware came to be planted on smartphones belonging to lawyers and activists, most of whom were working on projects critical of the federal government or its policies, according to a report earlier this month by the New York Times and information subsequently provided by some of the people targeted.
When the software was purchased, the Attorney General was Jesús Murillo Karam, who was replaced by Arely Gómez González in February the following year.
The PGR’s intelligence department, the National Center for Planning, Analysis and Information for Combating Crime (Cenapi), was responsible for the spyware’s use until Gómez moved the function within her own office.
Beginning in November 2015, Gómez controlled Pegasus’ use through her chief of staff, Christian Noé Ramírez Gutiérrez.
It was after that date that several attempts were made to install the spyware on smartphones owned by journalists, human rights advocates and anti-corruption activists.
Gómez left the PGR last October when she was appointed head of the Public Administration Secretariat (SFP).
She said today that Pegasus and other similar tools were employed by her office when she was Attorney General, but “always within the framework of the law.” Their use is permitted by the law and the constitution, Gómez said, to combat crime.
Documents disclosed by the newspaper Milenio revealed that 25 officials were trained to use the Pegasus spyware suite, which had the capability of targeting 500 individuals simultaneously.
The Canadian research organization Citizen Lab documented 88 cases of attempted spyware attacks and has said that Mexican agencies that operated Pegasus at the time were the PGR, the National Defense Secretariat and the Center for Investigation and National Security (Cisen).
The spyware can be planted on phones by sending an SMS text message. The first suspicious message was received as early as 2014 by journalist Carmen Aristégui. She and her son were the only targets until December 2015.
More appeared beginning in that month; one targeted anti-corruption activist Juan Pardiñas, director of the Mexican Institute for Competitiveness, Imco.
By February 2016 there were spyware attacks on human rights and anti-corruption activists and journalists.
Once infected, a phone can be used to monitor its owner’s activities and its files are accessible to the user of the spyware.
Source: Milenio (sp)