Claims of Mexican Gov’t Domestic Spying Raise Concerns About Threats to Democracy, Anti-Corruption Efforts

Mark Browne | June 23, 2017 | 12:39am EDT
Font Size
(Photo: Tim Parkinson/Wikimedia Commons)

Mexico City ( –  Experts say the Mexican government is using sophisticated malware to infect cellphones and spy on and intimidate journalists and anti-corruption activists, resulting in a threat to the freedom of information and the functioning of democracy.

The latest scandal to hit the administration of President Enrique Peña Nieto was sparked by the release this week of a report by the Citizen Lab, an interdisciplinary laboratory based at the University of Toronto’s Munk School of Global Affairs.

The report said Citizen Lab’s research found that more than 76 malware messages had been sent to Mexican journalists, and professionals working in some cases to expose government corruption.

“The targets were working on a range of issues that include investigations of corruption by the Mexican president, and the participation of Mexico’s federal authorities in human rights abuses,” the report said.

The malware infects the targeted phones when the phone owner clicks on a link sent in a SMS message.

Previous investigations by the Mexican digital rights group R3D have documented the purchase of sophisticated spying software by Mexican government entities.

A report by R3D last year found that numerous federal and state authorities in Mexico purchased software capable of infecting computers and cellphones.

R3D’s findings were based in part on emails stolen from the Italian software company Hacking Team made public in 2015. Those emails showed that the Mexican government was the firm’s biggest client.

According to a subsequent investigation by R3D, released this month, the Mexican defense department, the federal attorney general’s office and a national security agency all purchased malware codenamed “Pegasus” from an Israeli cyber security software company, NSO Group.

Once installed on a cellphone, Pegasus can access all information on that phone, including text messages and social media data, listen to phone calls, remotely turn on the phone’s microphone, make recordings, and take pictures with the camera, according to Citizen Lab.

It said its analysis of website links in Pegasus-infected SMS messages sent to a human rights worker in the United Arab Emirates found a “majority of the links to the NSO Group’s servers also had links to Mexico.”

That discovery led Citizen Lab to conclude that Mexican authorities are clients of the NSO Group and that people in Mexico were being targeted by the malware.

A report by the New York Times this week said “ironclad proof” linking the government to the SMS messages sent to Mexican activists and journalists is still lacking.

It quoted an NSO Group official as saying “The Pegasus software does not leave behind the hacker’s individual fingerprints.”

A spokesman for Mexico’s president said this week “there’s no proof that agencies of the government are responsible for the supposed spying.”

He called on those who claim to have been targeted to file a complaint with federal law enforcement authorities “so the appropriate investigations can be undertaken.”

“This is absolutely cynical,” said Dejan Mihailovic Nikolahevic, a professor of politics and international relations at the Mexican university Tecnológico de Monterrey.

“If only the government investigates, it is likely to leave a lot of doubts,” he told

Nikolahevic said if the government is spying on journalists and rights workers, it would pose a “severe” threat to democracy in Mexico.

“We need more time to see if the government is going to take this seriously and investigate it,” he said.

The anti-corruption citizens’ group Mexicanos Contra la Corrupción y la Impunidad, also called the government’s response to the allegations “deficient.”

In a statement, the group said two of its workers, Daniel Lizarrago and Salvador Camarena, had been targeted by malware SMS messages.

Lizarrago, who investigates government corruption at the federal level, told he received several suspicious text messages, one telling him he had approximately $441 in unpaid cellphone bills.

He clicked on one message and it caused his cellphone to turn off and then on again.

Lizarrago said he now encrypts his email for fear it is being monitored.

Alexandra Zapata, director of education at the anti-corruption group El Instituto Mexicano para la Competitividad, said she started getting text messages on her cellphone “that were very suspicious,” beginning last year.

One claimed to have “compromising” photos of her at a dinner she hosted the night before.

“We reached out to Citizen Lab and other organizations in Mexico, shared our messages and shared our phones which were sent to Citizen Lab.”

“Months later they confirmed the messages we were receiving were actually also tied to NSO Group, the Israeli company, and specifically the tool Pegasus.”

According to Citizen Lab, the NSO Group has informed it that its “mission is to help make the world a safer place, by providing authorized governments with technology that helps them combat terror and crime.” The company also said that it “sells only to authorized governmental agencies, and fully complies with strict export control laws and regulations.”

mrc merch