Insights into Morocco's Involvement with Pegasus Spyware
The Pegasus Project reveals a complex web of collaboration among Morocco, Israel, and the United Arab Emirates (UAE), shedding light on the clandestine activities surrounding the use of sophisticated spyware. In a detailed investigation conducted by Forbidden Stories and its partners, the early stages of Morocco's acquisition and deployment of the Pegasus spyware are meticulously documented, tracing the partnership that seemingly intertwines the interests of these three nations. The relationship is characterized by the cooperation of NSO Group, the Israeli company that developed the spyware, and an Emirati intermediary, which plays a pivotal role in facilitating Morocco's access to this powerful surveillance tool.
In late 2017, discussions regarding the capabilities of Pegasus took place at a discreet villa known as "Villa FSSYS" in Rabat, where NSO representatives demonstrated the software to agents from Morocco’s domestic intelligence service, the DGST. Over the course of ten days, the NSO team showcased the spyware's extraordinary functionalities, which included the ability to remotely control mobile devices—activating cameras and microphones, and extracting sensitive data with unprecedented ease. According to a former DGST agent, the allure of Pegasus was apparent, transforming the surveillance landscape with its ability to exploit vulnerabilities in both Android and iOS systems.
The collaboration between Morocco and the UAE, particularly through the intermediary FSSYS Maroc, has raised questions about the extent of their engagement with NSO and the broader implications for international relations. The role of the Emirati intermediary is significant, as it reportedly facilitated Morocco's utilization of Pegasus, a tool that has been leveraged against political opponents and journalists. This collaboration hints at a deeper alliance that has evolved over time, further fortified after the normalization of relations between Morocco and Israel in 2020, following the signing of the Abraham Accords.
Decoding the Financial Dynamics and Operational Ties
The financial underpinnings of this alliance remain ambiguous, particularly regarding the payments made by the Emirati side to support Morocco's use of Pegasus. Some sources suggest that the UAE may have financed Morocco's access to the spyware, likening the arrangement to a subscription service where one entity pays for the access that multiple countries can utilize. However, this theory has not been conclusively validated, with contrasting reports emerging from various stakeholders involved in the cyber-surveillance industry.
Furthermore, the codename used by NSO for Morocco—"Morgan"—has been corroborated by multiple sources within the cybersecurity realm. This codename exemplifies the systematic approach NSO employs in naming clients, often drawing from the initials of countries and inspired by automotive brands. Despite the Moroccan government's consistent denials regarding its engagement with Pegasus, evidence continues to mount, including a memo from France’s external security agency acknowledging the use of NSO products by both the UAE and Morocco since at least 2017.
The implications of these findings extend beyond mere technical collaboration; they reflect ongoing geopolitical strategies where surveillance technology serves as a tool for state control and influence. As the investigation continues to unravel the layers of this partnership, it becomes increasingly clear that the ramifications of such alliances in the realm of cybersecurity and intelligence gathering are profound and far-reaching, affecting not only the nations involved but also the global landscape of privacy and security.
As reported by forbiddenstories.org.