Mexico’s spyware scandal has widened further with the discovery that an infection attempt was made on the phones of two lawyers working on a controversial multi-homicide case.
The lawyers, who represent family members of three of the five people killed in a Mexico City apartment in 2015, have been revealed as targets of the software purchased by the Mexican government and allegedly used to monitor its critics.
Citizen Lab, a research unit based at the University of Toronto in Canada that has been investigating the infection attempts, has confirmed that Karla Micheel Salas and David Peña were both targeted with attempts to infect their phones with the espionage software made by the Israeli company NSO Group.
The lawyers represent the families of Nadia Vera, Yesenia Quiroz Alfaro and Mile Virginia Martin, all slain in an apartment in the Narvarte neighborhood on July 31, 2015.
Rubén Espinosa, a photojournalist, and Alejandra Negrete were also killed in the so-called Narvarte case, where there was evidence that torture and sexual abuse had occurred prior to the murders. A human rights group has charged that the investigation into the high-profile case was deficient and poorly managed.
The two lawyers are also known work for their work related to women’s rights.
Peña was the target of two attempts to infect his phone with Pegasus spyware via text messages containing links that have been identified as part of NSO’s exploit framework, firstly on September 25, 2015 and then on October 15, 2015.
The first link was contained in a “service message” while the second had a link to a news story about a lawyers’ association he belongs to.
On October 1 Salas also received a text message with a link that would have infected her phone with the spyware had she clicked on it. The message purported to invite her to a wake. The exact same strategy was also used to attempt to lure a National Action Party senator to click an infected link.
The New York Times reported in June that the federal government used the advanced spyware to monitor critics of the government although President Enrique Peña Nieto strongly denied the allegation.
It was subsequently revealed that the federal Attorney General’s office (PGR) paid US $32 million for the software, a transaction that an anti-corruption group claims occurred through a front company.
While Citizen Lab cannot attribute the attempted spyware infection in the Narvarte lawyers’ case to a specific branch within the Mexican government, it is noteworthy that it was the PGR that purchased it, the same agency the Narvarte lawyers were questioning about their investigation of the case.
The latest revelation brings the number of confirmed cases of abuse of the spyware to 21. The targets have been politicians, journalists, human rights lawyers and an anti-corruption activist.
Mexico News Daily