talk to al jazeera, we would you this relationship with the us. we listen coffee. one kid is not covered. 19 has been terrible demonstration of the failure of human, sorry, that we meet with global news makers and talk about the stories that imagine on our sierra ah hello, i'm emily. angling joe. these are the top stories on al jazeera and large crowds of anti government protest is gathering in the news in capital. they cues president kind of staging a crew in july, he suspended parliament and granted himself and judicial powers side formed a government tobar and appointed. and new prime minister, the son of levy, is a former ruler mama daffy has registered as

a candidate to the country's upcoming presidential election. safe al islam gadhafi has said he wants to restore unity to libya after a decade of conflict following his father's downfall. the 49 year old is wanted by the international criminal court. the crimes against humanity. libya correspondent malik trina has moved from jo home. this is a big deal to day. you know, after nearly a decade of hiding were seen safer slam on video. or if in southern libya, so are very surprising for many people weren't even sure that safe islam was alive yet alone. ugh, applying to become the next president. after 10 years of conflict, i think people are shocked, surprised, definitely. he has some support base and there. and they're excited to see him back in the, in the political or political position delivers deeply divided. so he does have some support. i don't think he's gonna be a serious contender. our for president. but it will definitely showcase of the

libyans that are reminiscing of a time when her libya was much more stable. although under, you know, a totalitarian rule or but more stable, more secure people could work and move across the country freely. that's not happening now. so there's definitely a percentage of libyans that reminisce of the times before, 2011 and, and, and, and would possibly vote for safely. sloan. but we just saw a few days ago, a conference in paris where the international community was saying that the elections must go ahead. but there is some serious issues with that a constitutional framework, or has yet to be agreed upon by the rival legislative branches. they're still discussing what kind of powers as a president have are, but the high national electoral commission is still moving along and taking up taking these applications. many countries say they're dissatisfied with the climate

deal reached at the cop $26.00 summit in glasgow. the final statement was diluted call to face down the use of coal rather than face it ass. the un secretary general acknowledge the disappointment, felt by some nations about the deal, but said it's an important starting point. the outcome of cop $26.00 is a compromise. it's reflect the interests, the contradictions and the status. political. lillian, well today it is an important step, but it's not enough. we must accelerate climate section to keep alive the goal of limiting global temperature rise to 1.5 degrees. it's time to go into emergency modes. we must have fossil fuel subsidies phase out call, but the price on carbon protect as well, little communities from the impacts of climate change. in sudan, the death toll has risen to 6 following saturdays protest against the military take over. the sudanese doctor's committee has a q security forces shooting them,

but police deny using live and munition. demonstrators are angry after the army chief formed and you willing council rushes, president vladimir putin says he's ready to help resolve a migrant crisis at the border between valerie and poland. meanwhile, the european union is close to imposing more sanctions on barrows. a you official say the crisis is being orchestrated by the bell. russian government in retaliation for its support of the opposition and bulgarians. at back at the polls. the 3rd time this year elections in april and july failed to form a government. voters are angry about widespread corruption and the new york times is reporting the u. s. military covered up as strikes in syria, the that kill dozens of civilians. the newspapers says it happened in 2019, during the fight against the iso, the u. s. department of defense confirmed for civilian deaths. those the headlines

and news continues here on al jazeera after our 0. well, the news ah ah. in mid 2020, a mobile phone belonging to al jazeera arabic was hacked over the next few months, working with an organization called citizen lap. the team from al jazeera, unpicked, an extraordinary story of some of the most advanced spyware in the world. and how

it's used, not least on al jazeera, as journalists with the click of a button. you can bring down nations to their news very rapidly if you so desire. and if you're willing to take the room, because every system can be that israel manufacturers pegasus. some of the most advanced spyware in the world. it 1st came to attention in 2016. since then, various governments have bought the spyware for their own use. questions today, ah, how does pegasus work? who is using it? and who are its victims? well, it's very little in the actual detail behind pegasus spyware. the code, the malicious code that was used, that's very,

very difficult to find out more about how thought was all at the fair. les leslie and live in a kennel model phone because sort of had, he felt with him, we could live at one and the mac anyway, so i'm had a mold walk in l as in some mold. what have ione in new york about of men? a lot of them could, the seller, this value for be 30 here, the saudi men, and had the follow out to see or arabic investigative reporter, time at all, miss ha, followed a complicated technical process to track this infamous spyware. over many months, he had one of his own phones, monitored constantly with the help of citizen lab and an international research laboratory based in canada that specializes in data surveillance. citizen law was the 1st to expose the existence of israel's pegasus spyware. in 2016, they disclose details of what they called an exploit infrastructure. connected to

a phone belonging to an activist from the united arab emirates, the infiltration, the hack, led to the arrest of madman sewer remains imprisoned. to this day. the new hacking technique was called a 0 day exploit. and pegasus was, the spyware used to infiltrate monsoons phone. bill ma sac from citizen lab, has worked for several years to expose pegasus. so what happened in 2016? started with this man. i had one sort of the activist in the u e. and he noticed some suspicious messages on his phone that he was getting the asam as he thought they were weird because they came from unknown numbers and they were promising information about human rights. so he forwarded them to me at citizen lab. we had known each other for a while. i got a burner phone, not obviously my,

my real phone, a burner phone and clicked on the links. and while i was doing this, i was recording the internet traffic and recording the activity on the phone and what was installed. when i clicked the link was a very sophisticated, spyware payload. and the interesting question was, but who could be behind us? who might have programmed the spyware who might have sold it, who might be using it, and what the process to figure that out is called attribution. so what we did in the report is we noticed that a, when you clicked on the link a 2nd time, it wouldn't cause the infection is only limited to the 1st click. and the 2nd click would send you to a decoy website to try and make it look innocuous or benign. so we clicked on the 2nd time we got redirected to google, but it wasn't just any redirect to google. it was a very specific piece of code that someone had sat down and written on their computer. so we figured, well, maybe this is part of this spyware somehow. and if we can scan the internet,

we can find other servers that had the same weird redirect to google. so this is exactly what we did. we used the popular open source v math program. we scan the internet and found 149 other servers, and this is where it gets interesting because this 2nd redirect to google was also returned by 3 servers. and s o q a dot com q a n q a dot com, and mail one dot and s o group dot com and the name here and a so group we found in a brochure in these really government's website. they had a brochure for this company, and a so group, which is based in israel and sells a product called pegasus, which is spyware, for mobile phones. in the case of pegasus citizen lab did very good work and was very, very conclusively able to say that pegasus had been written by and so, but it's actually stream we rare that we're able to get that sort of concrete

attribution and say this malware was written by this company, the n s o group is a technology company based in hatch layer in israel founded in 2010, it employs over 500 cybersecurity experts, pegasus spyware, is viewed as its most important product use. israel is one of the most sophisticated cyber actors in the world. and i think that a lot of this is because the israeli army is training people to do this sort of offensive hacking for you know, in, in their military service. more of them allow melinda if he, how he shotuko tom harrigeville min wish that they are coming to left within where, where should the hostile a wider way as, as than the hill, alyssa, what else? alaska realist, leja aluminum, or her command olivia,

the custom were hold or either shudder curtly, morocco about a little harbor. it was out of a default with alkalis, lightly r n a say, which was gall unit, a 200. it's pretty rude. we allow them to grow companies and, and order for the companies to develop their need to make. what do they need to make money? they need to make money. tomato most house spoke to william benny, who for over 30 years, worked with the us national security agency, a former cryptography, and later a whistle block. benny was the essays, technical leader of intelligence. benny has a high level understanding of the agencies, data collection systems. what that means is, any i thong or any phone in the world, 1st connecting to the network, when you want to use it, you're immediately known worldwide. i mean,

all the switches have you and they capture your i. p. s and all and your phone and at mac numbers and all that. that's how they bill you. so that also is the known by the network in the implants, computer network exploitation implants, they have around the world over. this was in 2004 under 2010, somewhere in that range. they had over 50000 implants and all the switches, servers, and networked worldwide. i mean, that means they own the entire network. so that if you, your phone comes on the air, then they can, they can know who you are and where you are when citizen, lab exposed, and so, and it's pegasus spyware. in 2016, it attracted world wide controversy. and a so claims its mission is to develop technology for government agencies to quote, detect and prevent terrorism and crime. however, the nature of its targets, the individuals whose phones have been hacked, raises questions about these claims. when pegasus was released

a few years ago, it was mainly targeted on human rights activists, journalists, and politicians, and targeted people, maybe of people with high wealth. but it's never gree going to be used on the, on china public if you would, to target every one and in math net. i don't think that would be as important to the people behind it. they didn't want to see my day to day. that was your day to day going off to specific people. the danger of such spyware as its ability to infiltrate every piece of private information and hack the targeted device through the most used applications. oh. in 2019 whatsapp owned by facebook accused and eso of hacking the popular communications tool. this raised fear amongst the huge numbers of global users of

horse ab, especially at a time when some targeted victims appeared to meet with dreadful consequences. it. i saw him select gala softly darvin visit phone miss they him been mostly elizabeth lane or the bell of a so need to know how soon she aqua of us for love me dog they love dark mo will shave monkwood to have my will ma'am. let myself go, monsieur. love them. he does. i am. he saw no laws. they are still in some mexico. i up on me issue michelle at mexico visual debate on a mexican, he there's a lot at all nozzles to holland. nearly a clue away equal ny. she a do, i would be called to a law mr. alamba london, shallow. the yeoman hud do when they alum. so if you do think that you are someone who is an important target, you're likely to face scrutiny by some government in the middle east or elsewhere.

and you are a journalist, an activist, or a member of civil society. i'd recommend that yes. please do get in touch with, with citizen lab or other researchers who work in this space either or and yeah, any other channel and we saw wanted to know how difficult it was to monitor a phone, suspected of being hacked. and here, how many s anna basically involves installing an app on the phone, which allows us to inspect the internet traffic. and we do this for some period of time, depending on what the at a user would like. we can do it for a short time. we can do it for a long time and try and identify suspicious patterns or evidence that that the phone might be hacked. while working as an investigative journalist, almost held receipt, sweats, and other suspicious messages through different apps. the threats increased over the months ramping up. as he worked on more sensitive regional subjects. he decided

to install a tracking up on his work phone, developed by citizen black to trace possible hacking. the conventional way to hack a smartphone is to send a suspicious message to the targeted form that includes a short text and a link. when the user clicks on the link, software takes control of the phone and thus makes the device accept any commands sent through the link. the device is then automatically connected to a server used by the hackers, and that is how the spyware gets installed on the phone. the user doesn't see the spyware on their phone, which has already been packed. the hackers can then control the device and all its functions. the main challenge for spyware is to find a vulnerability in the targeted phone, particularly as modern smartphone security protection techniques have developed

significantly. pegasus managed to advance this capability considerably to be able to penetrate various kinds of smartphone. once the infection happened, the malware itself did the same stuff that we see a lot of malware do, which is spy on phone calls, spy on text messages, and whatsapp messages. and any other encrypted messages you're sending and turn on your microphone and turn on your camera. um, what made it especially sophisticated was that they were willing to use brand new exploits for i phones to in fact they are victims and some of these exploits could cost upwards of a $1000000.00 each supply of pegasus spyware, to its clients, costs millions of dollars and it can only used for a limited period of time. that means targeting a large number of smartphones from long periods of time, costs hundreds of millions of dollars. this extremely expensive cost raises

questions. who can afford this spyware? who are an esl groups, main clients. on its website and as so group says it's spyware is quote, used exclusively by government intelligence, as efficiently requested by the governments themselves. does this mean that pegasus cannot be purchased by other parties, when people leave the israeli military? or if they have all this very specialized, very highly sought after well paid knowledge. and so they take it to private companies such as an as oh group, right. and then they, they'd sell it to a countries that are known to violate human rights. because you know, even though they are perhaps very intelligent and by computer security, they clearly haven't thought so much about the human rights implications of what

they're doing or maybe they don't care. vega saw them of op, bought each and we'll hail it, eat doing that, you will i with it there like legal fin, wish, named we still hold still to be the haunted mid denote it of in a haunted as they get on the go go me miley money off on lloyd, they are the mortality zillow. ton themselves as a ally, ma hinesville, mexico, a mac law, kemesha movie lava fo deep a. mahala lane hold amiable york and the mahala layer ardelane lay the columbia of bell ben, all admitting old bo lome. while working on this investigation, tom, at almost how so many signs of hacking attempts on his phone, the one he had fitted out to track any infiltration. after 7 months, the 19th of july 2020, he received a phone call from citizen lab informing him that the phone had been hacked.

the hacking happened a few days after he had erred an investigative documentary about an indian tie. truth, which disclosed controversial leaked documents about the tie coons linked to the you eat, and his flight from the country are miss hall had used the same form to communicate with officials and individuals in the u. e. in order to give them the right to reply to the allegations in the film. so the 1st thing that we saw on your phone was on july 19th between about 103311288. m g m cheap. there were a very high number of connections to apple servers. now usually your phone will just communicate with one apple server for icloud, for your backups, for your contacts syncing the information. but in this case, in less than an hour, we saw your phone and communicate with 18 different apple servers. and this was

very unusual. you don't usually see those on phones. so that was the 1st clue that something suspicious was going on. and immediately after this communication stopped, we saw your phone reach out to this website regular hours dot net. in other words, your phone connected to this website. and this website stands out, because we know from our research, a citizen lab that regular ours dot net, this website is linked to in a, so group pegasus spyware. so we saw your phone reaching out to this. and if so, packets, spyware, server, which let us to suspect, and then later conclude that your phone was infected. so what we can see from the recording of your internet traffic. so let's go to this point in time here, 1129, where the phone communicates with the pack us a server and we can look beforehand to see what was going on mediately before that . and the only thing that we see is this communication with icloud, with apple servers. we don't see any evidence that you pressed on

a link were clicked on anything or went to any website. so what we think happened is that these communications with the apple servers delivered the initial exploits to have your phone. in other words, you didn't click on anything. your phone was automatically hacked, a so called 0 click, like we said 0 click exploit delivered through apple servers. this is a very expensive export. yes, this is if you think about the sophistication of exports to break into phones. this is as good as it gets 0 click means hacking, without clicking on any links. pegasus does not require any action by the user or a click on any suspicious links. the user receives a call from an unknown caller through the internet, and the phone gets hacked, even without answering the phone call. after that pegasus spyware is installed on the targeted phone. taking full control of the device was definitely the most

sophisticated attack i've seen in the last few years. a fact it was able to be installed on a target device without the target, even clicking on anything. so 0 click attack. this is incredibly impressive. like is a very barely thing to better do that. it so sophisticated. but as it these rare, it's difficult for us to, to really know much more about it. if something of this magnitude was able to be conducted to steal such data is the bit of a worry. he had that if the rock as the little click tomato miss hall wanted to know if the 0 click process enabled, complete access to all the applications and content mark on his full tough in milan . and he has as far as we know, they can access everything on the phone. we saw from looking at the log files on your phone that they were able to access the media framework. so they were able to

turn on the microphone turn on the camera. if they wanted to listen into meetings or conversations going on around your device, or they were also able to tap into the key chain on the phone, this is where your passwords for email accounts. social media may be stored in the fact that citizen lab was tracking thomas phone helped him take precautionary measures to prevent sensitive information being accessed. the most important thing was for him to discover the moment the hacking to place and who else was affect it. for what we found, working together with elders here as i t team is that your case was not the only one. there were at least $36.00 other cases inside al, jazeera of phones that were communicating with servers that we linked to and s o groups pegasus spyware. in other words, there were many different people at al jazeera who were hacked and targeted, not just you i'll miss hull and the team from citizen lab

analyze the data connected to the hacking technology which targeted these devices. the hack appeared to be part of an organized campaigns targeting symbol tenuously, the mobile phones of dozens of al jazeera journalists in order to spy on them. according to citizen labs technical report, israel's pegasus spyware, was used to infiltrate these phones by looking at the links and the accounts, the hacking of the phones was carried out, mainly in the u. e. and saudi arabia. the 2 countries that most used this advanced israeli technology in the region. but what we saw with the infections inside al jazeera is that about half of them were from this operator that we call monarchy. it's a code name that we give these operators when we refer to them inside citizen lamp

. and this operator is spying mostly in saudi arabia and cutter, but not very many other countries. so this tells us, well, if they're spying mostly in saudi arabia, maybe it is, in fact the saudi arabian government and the other half were from this other operator that we call sneaky castro inside citizen lab. and this operator seems to be mostly targeting inside the united arab emirates and cutter. so this tells us that the government, in this case may be the united arab emirates government. in other words, to different governments. it looks like we're behind this campaign. ah, deals to purchase pegasus spyware on no longer a secret. many reports claim that saudi arabia and the u. e. have spent hundreds of millions of us dollars to buy pegasus from israel. such deal as it seemed to be

reinforced after the recent us brokers so called normalization deal between the u. a. e and israel, ah ah, tens of thousands of children born into old lives under the iceland regime in iraq and syria. now many are in camps, either orphans, all with a widowed mothers, rejected by their own communities, shaking your length of people are going to welcome them after that. of course, mom and you documentary his, that chilling and traumatic stories for the children throw stones at me. iraq's last generation on al jazeera to me from the shoals of the red sea storage, a clean, more tech is a global problem and pull management the major. but in georgia, this team, a fema plummet, is change it to the peaks of the himalayas,

where water conservation looks like this dazzling solutions to find the world's most precious resource. in the next episode of ath right, we look at what is being done december 4th toys on al jazeera. the latest news as it breaks local family fe, that this is the only way they have to make a living. but it's having a huge impact on the environment with detailed coverage, regional and intellectual actors have been urging to local upon through birth his school. and we're throw the transitional government he dissolved from around the world. 8 groups alleged greek authorities have often tried to prevent potential asylum seekers from entering greek territory. a welcome to a world of confidence, service excellence. with business class, where your privacy is paramount and your experience. come

sit back, relax in your own private space, and let us take care of everything. catera weighs the airlines you can rely on blue. hello, i'm emily anglin, in dough. how these, the top story is on al jazeera, large crowds of anti government protest is a gathering in the to news in capital bank use. president guy said of staging a crew in july after he suspended parliament and granted himself judicial powers. i had formed a government in october and appointed a new prime minister. the son of libya is former rule, and while my gadhafi has registered as

a candidate for the countries upcoming presidential election cipher al islam gadhafi is also wanted for the by the international criminal court.