Amnesty International on Wednesday said a recent cyberattack against one of its employees has been linked to Israeli-made spy software.
The 20-page report said the Amnesty worker received a suspicious Arabic message on their cellphone in June, that was delivered through the WhatsApp messenger.
Amnesty's investigation found the message, about a Saudi embassy protest, was intended to bait the employee into clicking on a malicious link tied to Israeli surveillance vendor NSO Group.
The message translated from Arabic read, "Can you please cover [the protest] for your brothers detained in Saudi Arabia in front of the Saudi embassy in Washington. My brother is detained in Ramadan and I am on a scholarship here so please do not link me to this [link] Cover the protest now it will start in less than an hour. We need your support please"
The employee was working in Saudi Arabia when the message was received.
Amnesty said when clicked, the link installs malware that compromises the victim's electronic device and turns it into a tracking tool, and allows hackers to listen in on conversations.
One other human rights activist in Saudi Arabia received a similar message, the report said.
"NSO Group is known to only sell its spyware to governments. We therefore believe that this was a deliberate attempt to infiltrate Amnesty International by a government hostile to our human rights work," said Joshua Franco, Amnesty International head of technology and human rights.
"This chilling attack on Amnesty International highlights the grave risk posed to activists around the world by this kind of surveillance technology."
The Citizen Lab, an interdisciplinary laboratory based at the University of Toronto, corroborated Amnesty's findings.
In 2016, the Canadian lab reported a similar cyberattack that targeted award-winning human rights activist Ahmed Mansoor.