The Pegasus Clue Focuses on Morocco

The Account Used to Spy on Robles and Marlaska Was Also Used to ‘Hack’ Sahrawi Activists

By Melchor Sáiz-Pardo

The information contained in the European Investigation Order (OEI) issued to the Audiencia Nacional by French authorities regarding the investigations conducted in France about Pegasus, the Israeli-origin spyware, points to Moroccan intelligence services as the most likely candidate responsible for the attack on high-ranking Spanish government officials in 2021 using this malicious system.

The preliminary results of the new forensic examination ordered a month ago by Judge José Luis Calama of the Audiencia Nacional, who is overseeing the case, from the National Cryptologic Center (CCN, the technological hub of the CNI), based on data from the French National Agency for Information Systems Security (ANSSI), reveal « numerous » parallels between infections of Sahrawi activists in France and the ‘hacks’ suffered, particularly on the phones of Ministers Margarita Robles and Fernando Grande-Marlaska.

According to various sources, this OEI has confirmed that Pegasus used the email account linakeller2203@gmail.com, the same one the Israeli ‘malware’ used to infiltrate the phones of the Ministers of Defense and Interior, to control at least four individuals in France targeted by the Rabat regime for their advocacy of the Sahrawi cause. These individuals are French activist Claude Mangin, wife of Sahrawi political prisoner Naama Asfari; Oubir Bachir, a diplomat of the Polisario Front; Philippe Bouyssou, the mayor of Ivry-sur-Seine, who is very active in solidarity causes with the former Spanish colony; and Hicham Mansouri, a Moroccan investigative journalist living in exile in France.

The espionage of Sahrawi activists using the Israeli company’s NSO Group system occurred in the summer of 2021, around the same time as the attacks on the Spanish ministers. In Robles’ case, her phone « showed signs » of being infected by Pegasus on four occasions between May and October 2021. Investigators estimate that the amount of exfiltrated information could be around 9 megabytes between June 18 and 23, though they do not rule out a larger amount. Grande-Marlaska’s phone, on the other hand, was infected in two phases: between June 2 and 7, 2021, with 400 megabytes of information exfiltrated (days after the severe crisis of the illegal entry of nearly 10,000 irregular immigrants into Ceuta), and between June 7 and 23, when the theft occurred, always using the same email address that spied on the Sahrawis.

Source : Diario de Leon, 27 mai 2024

#Morocco #Spain #France #Pegasus #Spying #WesternSahara #Polisario #Sanchez #Marlaska #Robles #Catalangate