Between Spies & Corruption

ByMexico Solidarity

This article by Manuel Gonzalez appeared in the July 8, 2025 edition of Sin Embargo.

Pegasus, the spyware created by an israeli company, whose use by PRI-PAN governments has been brought to the forefront again in Mexico amid corruption allegations against Peña Nieto, who allegedly received millions of dollars to promote its purchase and use against journalists, his poltiical opposition, and private individuals.

Pegasus spyware has returned to the centre of Mexican poltical discussion. This weekend, a report published in israeli media revealed that two israeli businessmen, Uri Emmanuel Ansbacher and Avishai Samuel Neriah, allegedly bribed then- President Enrique Peña Nieto to allow the spying system to operate in Mexico. Peña Nieto denied this, but it highlights the impact this technology, developed by NSO, an Israeli company, had on our country.

But what is this software and how does it work? How is it sold, who buys it, and what is it used for? Have any individuals been held accountable for the use of this spying technology?

What is Pegasus?

Although Pegasus spyware is marketed as an “advanced surveillance tool” for tracking criminals and terrorists, organizations and media outlets have questioned its misuse by governments specifically to spy on journalists, poltiical opposition, and even private individuals without a court order.

Pegasus is spyware: software designed to collect data from a device without the user’s knowledge. It is particularly known for its capabilities and high target visibility. It is often considered one of the most sophisticated and elusive spyware tools ever created.

This software can infiltrate iOS or Android smartphones, the most common operating systems in the world, and extract messages, photos, and other data, and even remotely activate cameras and microphones. If a phone is compromised by Pegasus, it can be assumed to be under 24/7 surveillance.

“Pegasus is designed to infiltrate devices running Android, Blackberry, iOS, and Symbian operating systems and turn them into surveillance devices. The company claims to sell Pegasus only to governments and for the sole purpose of tracking criminals and terrorists,” Bhanukiran Gurijala, assistant professor of computer science and information systems at West Virginia University, told The Conversation.

Almost Undetectable

Almost all programs of this type require the user to “open the door”—click on a suspicious link or download a suspicious file—but Pegasus can infiltrate devices without any user action. This is known as a “zero-click” attack.

Zero-click attacks mean that simply receiving a message can make a device vulnerable. Pegasus exploits vulnerabilities in common apps like iMessage, WhatsApp, and other messaging services to infiltrate phones and begin collecting data without the user’s knowledge, according to antivirus company McAfee. This is one of its most dangerous properties: it’s very difficult to detect.

One of the few clues Pegasus can leave is data and battery consumption, although if this happens to a smartphone, it doesn’t mean it’s the reason for high activity or rapid battery loss.

And even if the end-to-end encryption used by companies like Facebook and Google is impenetrable, Pegasus “circles” that wall by “stealthily infiltrating a smartphone and accessing all its content.” “Once installed, it can, in theory, extract any data from the device and transmit it to the attacker. It can steal photos and videos, recordings, location logs, communications, web searches, passwords, call logs, and social media posts,” Gurijala explains.

Pegasus Comes to Light

A global journalistic investigation revealed in 2021 that Pegasus had been used by governments around the world, from Saudi Arabia to Mexico, to spy on activists, human rights defenders, journalists, and politicians, including French President Emmanuel Macron.

As a result, the United States imposed sanctions against its manufacturer, the Israeli company NSO Group, banning its access to American technology; while Israel tightened controls on its cyber exports.

The company has always maintained that its products are designed to hunt down terrorists and criminals, although it cannot control how its customers use them. A few months after the bombshell revelation, NSO Technologies CEO Asher Levy resigned from his position at the head of the Israeli company. The final straw was local media reports that the program was used by the israeli police to spy on citizens without a warrant.

Mexico, Under Calderón, a Dubious Pioneer

In 2023, a New York Times report revealed that in March 2011, during Felipe Calderón’s six-year term, in a “dark cabaret where women danced on stage and sipped tequila,” “the use of the most powerful cyber weapon in existence” was hatched.

“In September 2011, about 30 NSO employees, most of them company personnel, flew to Mexico to install Pegasus, test it, and instruct a team of about 30 Mexican soldiers and officers on how to operate the technology,” the Times revealed. The Mexican unit chosen to operate it is called the Military Intelligence Center, it added.

One of the alleged uses the Calderón administration made of this spy system was to track notorious criminals, such as Joaquín “El Chapo” Guzmán Loera, then a fugitive. However, just a few months ago, the Secretary of Security of that administration, and the then-President’s right-hand man, Genaro García Luna, was convicted for his ties to the Sinaloa Cartel, the very organization founded and led by the kingpin.

Genaro García Luna

But the uses extended beyond the Calderón administration. In June 2017, during the Peña Nieto administration, media outlets revealed the existence of a contract dating back to 2014 between the Attorney General’s Office (PGR, now the Prosecutor’s Office) and Grupo Tech Bull, part of a network of companies linked to the acquisition of Pegasus, for a total of $32 million.

This contract was signed by Tomás Zerón de Lucio, then director of the PGR’s Criminal Investigation Agency and now a fugitive in israel for having participated in the failed “historical truth” investigation into the disappearance of the 43 Ayotzinapa students. In 2015, they allegedly paid 145 million pesos to “scale up” the story they had acquired.

Former high-ranking Mexican bureaucrat, Tomás Zerón de Lucio, now a fugitive residing in the israeli occupation, was instrumental in orchestrating the second significant deployment of Pegasus in Mexico.

The Peña Nieto administration has previously been accused of using Pegasus to spy on key figures, including the inner circle of then-presidential candidate Andrés Manuel López Obrador, as well as journalists and human rights defenders.

In 2023, a protected witness from the Attorney General’s Office (FGR) confessed that former President Enrique Peña Nieto ordered the use of the Pegasus system to spy on businessmen Carlos Slim Helú and Germán Larrea, and journalists such as Carmen Aristegui.

According to Zeus, the Prosecutor’s Office’s protected witness, it was Peña Nieto himself, known as El Patrón, who ordered who was to be spied on.

The surveillance even continued during the López Obrador administration, which promised to end the use of this type of spying. Alejandro Encinas Rodríguez, the undersecretary of human rights during that administration, was spied on through the Pegasus system while investigating abuses by the Mexican military, according to the Times.

These acts occurred even in 2022, when he was leading the government’s Truth Commission into the disappearance of the 43 students from the Ayotzinapa Rural Teachers’ College. Evidence was also found of Pegasus infiltration of the cell phones of two other officials working with Encinas, who have also collaborated on investigations into alleged human rights violations by the Armed Forces.

Consequences Of Its Use

In July 2021, following the revelation of Pegasus’s use by various governments around the world, the United Nations deemed this type of privacy violation “extremely alarming.”

“These reports confirm the urgent need to better regulate the sale, transfer, and use of surveillance technology and to ensure strict oversight and authorization. Without regulatory frameworks that comply with human rights, there is too much risk that these tools will be abused to intimidate critics and silence dissent,” argued UN High Commissioner for Human Rights Michelle Bachelet at the time.

In January of this year, the United Nations Security Council included the issue of Pegasus in its discussion, the first such forum held, where only the world’s major powers participated. The meeting, however, had no formal scope or concrete decisions, but members called for “addressing the implications of the proliferation and misuse of commercial spyware for the maintenance of international peace and security.”

Just in May, Meta, Facebook’s parent company, won a lawsuit for approximately $168 million “in damages” against NSO, after the Israeli company carried out an attack in 2019 to install the system on the phones of more than 1,400 WhatsApp users, another of the companies included in the group led by Mark Zuckerberg.

Mexico, for its part, has a problem with cyberattacks , with hundreds of thousands of cases occurring daily, especially those used for potential fraud and to hack cell phones and gain access to private information, such as contacts, banking information, and personal data.

Even President Claudia Sheinbaum has suffered from these types of problems. In March, the president revealed at her morning press conference that her cell phone had been hacked, but explained that it was a phone she used during her time as mayor of Tlalpan, between 2015 and 2017, although it was never confirmed whether this case was related to the Pegasus issue or another type of attack. “A lot of people who want to communicate with me have that phone, but I no longer use it for my more personal communications,” she said at the time.